CDGym: Expandable, Model-Agnostic Cyber Deception Platform
Presentation
Publisher: Software Engineering Institute
Abstract
The demand for sophisticated network defense techniques has grown steadily as the threats posed by rapidly evolving cyber attacks have increased. In response, cyber deception has emerged as a promising solution, leveraging manipulation of adversaries’ decision-making processes to delay and analyze attacks. In this presentation, we describe the architecture of CDGym, a federated platform for supporting cyber deception experiments with various deception strategies, which attempts to overcome the existing challenges in the field of game-theoretic cyber deception research.
CDGym is designed to be generic, supporting the testing and analysis of various game-theoretic strategies rather than being limited to a specific model type or strategy. We present how CDGym implements different strategies using network virtualization techniques such as SDN. We also show that CDGym is easy to use, agnostic to game models, and able to collect the meaningful data required to analyze the efficacy of a deception strategy.