Adversarial Analyst, Critical Start
Raised in the woods of Alaska, Juneau attributes her love of hacking to a childhood spentbuilding and breaking things outside. After studying computer science and economics, she moved to Dallas, Texas, where she found a home in the local hacker community. Juneau began research on applying behavioral economics to adversarial tactics. After her successful first talk at Dallas Hacker's Association on the prisoner’s dilemma, she began presenting her research at cons across the country. Currently, she works as an adversarial analyst doing consultant red teaming. She is also continuing her research and education as a cybersecurity fellow at NYU. When she is not hacking or asking strangers to act out the prisoner's dilemma, Juneau breathes fire, plays the bass, and runs DC214; Dallas's DefCon group.
Game Theory is the study of choices and strategies made by rational actors, called "players," in competitive situations, and it offers us a way to study and map human conflict. Statisticians use game theory to model war, biology, and even football. We will model the choices and behavior demonstrated by real-world adversarial conflict. Usingthese models, we will discuss how players form strategies and how other actors can influence those strategies. The talk will begin with an overview of game-theoretic modeling and its application to adversary behavior. Using the Prisoner's Dilemma as an example, we will look at how to model and analyze a single game. We can then model repeated interactions and demonstrate how "players" can influence each other's choices. These models will lay the foundations we need to look at more realistic adversary conflict. Next, we are going to look at how players can exploit information asymmetry. Emerging techniques such as dynamic honeynets and virtual attack surfaces both investigate attackers while manipulating their beliefs. We will build a Signaling Game model to show how defenders can credibly deceive adversaries. Using this model, we will look at a scenario where a defender observes multiple attacker movements within a network. While sustained engagement can help the defender learn more about the attacker and provide them false information, it comes at the risk of added exposure. In this scenario, there is a trade-off between information gained and short-term security. This talk will not look at network topology or protocols but will instead look at information exchange and strategy. We will then apply the same models to an adversarial perspective. Sustained engagement with a defender can provide an attacker with information and the opportunity to deceive defenders. However, that comes with a risk. How does an attacker's strategy change when a defender can eject them from the network at any time? By analyzing conflict where strategy and choices determine the outcome, we learn more about how to understand others' tactics and influence them with our own decisions.
