Cyber Denial, Deception and Counter Deception

Heckman, Kristin E.; Stech, Frank J.; Thomas, Roshan K.; Schmoker, Ben; Tsow, Alexander W.

doi:10.1007/978-3-319-25133-2

Cited by 44 publications

(22 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Typically, deception is not applied as a single mechanism for software systems defense. Instead, it is used orthogonally with techniques of denial and obfuscation, which brings particular opportunities for defense [2]. For example, adversaries are manipulated to spend more resources and time to accomplish tasks, which opens the possibility of learning about the attackers' modus operandi rather than merely monitor, detect, and block intrusions.…”

Section: Deception-based Defensementioning

confidence: 99%

“…Studies on evolutionary biology show that deception plays a key role in the evolution of creatures, representing an advantage over their competitors [1]. This idea has echoed in the virtual world where the use of deception techniques for defense is currently a relevant component of active defense [2]. Deception aims at altering the perception of attackers by using negative information (fictions) or deliberate actions in favor of the defense [3].…”

Section: Introductionmentioning

confidence: 99%

“…Several strategies exist to implement deception in a system [2]. A program or even the operating system can be modified by hand to incorporate deceptive elements.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A SPL Framework for Adaptive Deception-based Defense

Faveri¹,

Moreira²

2018

Proceedings of the 51st Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

In cyber defense, integrated deception mechanisms have been proposed as part of the system operation to enhance security by planting fake resources. The objective is to entice attackers and confuse them in determining the legitimacy of those resources. Although several strategies exist to implement deception in a software system, developing and integrating such solutions are primarily made in an ad-hoc fashion. This hinders reuse and does not consider the operation life cycle management. Additionally, support for adaptive deception is not considered. To alleviate these problems, we propose a framework based on software product lines and aspect-oriented techniques to generate adaptive deception-based defense strategies. We illustrate the feasibility of our approach with an example from the web applications domain, by integrating honeywords into an authentication mechanism to mitigate offline password cracking attacks.

show abstract

Section: Deception-based Defensementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A SPL Framework for Adaptive Deception-based Defense

Faveri¹,

Moreira²

2018

Proceedings of the 51st Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

“…The approach utilised by cybercriminals has made threat intelligence no longer a trivial aspect of defence for organisations due to the leveraging of Advance Persistent Threat (APT) [20], [23]- [25]. APT represents wellresourced and trained adversaries [20] that aims in acquiring high target and valued information.…”

Section: Introductionmentioning

confidence: 99%

“…While malware detection and mitigation research is not new, effectively detecting and mitigating malware remains challenging due to the constant evolution of malware and malware authors [30]. Cyber Kill Chain (CKC) is one of the most widely used operational threat intelligence models to explain intrusion campaigns activities [23], [31]. CKC is based on the kill chain tactic of the US military's F2T2EA (find, fix, track, target, engage and assess) [20], and contains seven stages/steps as shown on Figure 1 [20], [23], [31]- [34].…”

Section: Introductionmentioning

confidence: 99%

A cyber kill chain based taxonomy of banking Trojans for evolutionary computational intelligence

Kiwia

Dehghantanha

Choo

et al. 2018

Journal of Computational Science

View full text Add to dashboard Cite

Malware such as banking Trojans are popular with financially-motivated cybercriminals. Detection of banking Trojans remains a challenging task, due to the constant evolution of techniques used to obfuscate and circumvent existing detection and security solutions. Having a malware taxonomy can facilitate the design of mitigation strategies such as those based on evolutionary computational intelligence. Specifically, in this paper, we propose a cyber kill chain based taxonomy of banking Trojans features. This threat intelligence based taxonomy providing a stage-by-stage operational understanding of a cyber-attack, can be highly beneficial to security practitioners and the design of evolutionary computational intelligence on Trojans detection and mitigation strategy. The proposed taxonomy is validated by using a real-world dataset of 127 banking Trojans

show abstract