Enabling defensive deception in distributed system environments

Soule, Nathaniel; Pal, Partha; Clark, Shane; Krisler, Brian; Macera, Anthony

doi:10.1109/rweek.2016.7573310

Cited by 5 publications

(4 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…On a host-level, machine-learning and malware behavioral analysis techniques can turn attackers' own malware deception back onto them, altering the attacker's decision making [43]. A prototype called KAGE used software defined networking (SDN) to establish an "alternate reality" among distributed systems, deploying deceptive counterparts to attacker-desired services in real time, based on patternmatching rules [47].…”

Section: Defensive Deception Researchmentioning

confidence: 99%

See 1 more Smart Citation

Informing Autonomous Deception Systems with Cyber Expert Performance Data

Major¹,

Souza²,

DiVita³

et al. 2021

Preprint

View full text Add to dashboard Cite

The performance of artificial intelligence (AI) algorithms in practice depends on the realism and correctness of the data, models, and feedback (labels or rewards) provided to the algorithm. This paper discusses methods for improving the realism and ecological validity of AI used for autonomous cyber defense by exploring the potential to use Inverse Reinforcement Learning (IRL) to gain insight into attacker actions, utilities of those actions, and ultimately decision points which cyber deception could thwart. The Tularosa study, as one example, provides experimental data of real-world techniques and tools commonly used by attackers, from which core data vectors can be leveraged to inform an autonomous cyber defense system.

show abstract

Section: Defensive Deception Researchmentioning

confidence: 99%

“…High-interaction decoys and responsive deception tactics have the potential to magnify disruption to the attacker. Other taxonomies of deception actions exist to guide the creation of a more robust deception action space [47][41].…”

Section: Defensive Deception Action Spacementioning

confidence: 99%

Informing Autonomous Deception Systems with Cyber Expert Performance Data

Major¹,

Souza²,

DiVita³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…There is also extensive work done on utilizing adversarial transferability in other forms of adversarial attacks, deep learning vulnerabilities in DNNs, and black-box attacks in machine learning. Among other interesting work that served as motivation for this thesis include: utilizing honeypots in defense techniques, such as design and implementation of a honey-trap [12]; deception in decentralized system environments [34]; and using containers in deceptive honeypots [18].…”

Section: Related Workmentioning

confidence: 99%

Using Honeypots in a Decentralized Framework to Defend Against Adversarial Machine-Learning Attacks

Younis

Miri

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

The market demand for online machine-learning services is increasing, and so to have are the threats to them. Adversarial inputs represent a new threat to Machine-Learningas-a-Services (MLaaSs). Meticulously crafted malicious inputs can be used to mislead and confuse the learning model, even in cases where the adversary only has access to input and output labels. As a result, there has been increased interest in defence techniques to combat these types of attacks.In this thesis, we propose a network of high-interaction honeypots as a decentralized defence framework that prevents an adversary from corrupting the learning model, primarily through the use of deception. We accomplish our aim by 1) preventing the attacker from correctly learning the labels and approximating the architecture of the black-box system;2) luring the attacker away, towards a decoy model, using HoneyTokens; and 3) creating

show abstract

“…Furthermore, Soule et al [34] described active defensive deception in the context of distributed systems, and built a prototype that creates an alternate reality in which to trap, learn about, and manipulate adversarial actors without affecting normal and legitimate operations. This prototype, called KAGE, employs SDN and virtualization in order to create a malleable substrate in which deception can occur.…”

Section: Toolsmentioning

confidence: 99%

A Systematic Literature Review on Military Software Defined Networks

2018

View full text Add to dashboard Cite

Software Defined Networking (SDN) is an evolving network architecture paradigm that focuses on the separation of control and data planes. SDN receives increasing attention both from academia and industry, across a multitude of application domains. In this article, we examine the current state of obtained knowledge on military SDN by conducting a systematic literature review (SLR). Through this work, we seek to evaluate the current state of the art in terms of research tracks, publications, methods, trends, and most active research areas. Accordingly, we utilize these findings for consolidating the areas of past and current research on the examined application domain, and propose directions for future research.

show abstract

Enabling defensive deception in distributed system environments

Cited by 5 publications

References 2 publications

Informing Autonomous Deception Systems with Cyber Expert Performance Data

Informing Autonomous Deception Systems with Cyber Expert Performance Data

Using Honeypots in a Decentralized Framework to Defend Against Adversarial Machine-Learning Attacks

A Systematic Literature Review on Military Software Defined Networks

Contact Info

Product

Resources

About