nach oben

Erschienen in:

2016 | OriginalPaper | Buchkapitel

Cyber-Security: Role of Deception in Cyber-Attack Detection

verfasst von : Palvi Aggarwal, Cleotilde Gonzalez, Varun Dutt

Erschienen in: Advances in Human Factors in Cybersecurity

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Cyber-attacks are increasing in the real-world and cause widespread damage to cyber-infrastructure and loss of information. Deception, i.e., actions to promote the beliefs of things that are not true, could be a way of countering cyber-attacks. In this paper, we propose a deception game, which we use to evaluate the decision making of a hacker in the presence of deception. In an experiment, using the deception game, we analyzed the effect of two between-subjects factors in Hacker’s decisions to attack a computer network (N = 100 participants): amount of deception used and the timing of deception. The amount of deception used was manipulated at 2-levels: low and high. The timing of deception use was manipulated at 2-levels: early and late. Results revealed that using late and high deception condition, proportion of not attack actions by hackers are higher. Our results suggest that deception acts as a deterrence strategy for hacker.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Cyber Operator Perspectives on Security Visualization

Nächstes Kapitel Role of Intrusion-Detection Systems in Cyber-Attack Detection

Trustwave Global Security. Report retrieved from: https://www2.trustwave.com/rs/815-RFM-693/images/2015_TrustwaveGlobalSecurityReport.pdf

Symantec Corporation. Internet security threat report Retrieved from http://www.symantec.com/content/en/us/enterprise/other_resources/bistr_main_report_v19_21291018.en-us.pdf (2014)

Whaley, B.: Toward a general theory of deception. J. Strateg. Stud. Frank Cass Lond. 5(1), 178–192 (1982)

Glantz, D.: Military Deception in the Second World War. Cass Series on Soviet Military Theory & Practice. Routledge, London. ISBN 978-0-714-63347-3 (1989)

Denning, D.: Information warfare and security. AddisonWesley, New York (1999)

Mitnick, K.D., Simon, W.L.: The art of deception: controlling the human element of security. Wiley, New York City (2011)

Rowe, N.C., Custy, E.J.: Deception in cyber attacks. In Janczewski L.J., Colarik A.M. (Eds.), Cyber Warfare and Cyber Terrorism, Hershey, PA, Inf. Sci. Ref. pp. 91–93 (2008)

Dutt, V., Ahn, Y.S., Gonzalez, C.: Cyber situation awareness modeling detection of cyber-attacks with instance-based learning theory. Hum. Factors J. Hum. Factors Ergon. Soc. 55(3), 605–618 (2013)CrossRef

Arora, A., Dutt, V.: Cyber security: evaluating the effects of attack strategy and base rate through instance based learning. In: 12th International Conference on Cognitive Modeling. Ottawa, Canada (2013)

10.

Kaur, A., Dutt, V.: Cyber situation awareness: modeling the effects of similarity and scenarios on cyber attack detection. Paper presented at the 12th International Conference on Cognitive Modeling. Ottawa, Canada (2013)

11.

Gonzalez, C., Dutt, V.: Instance-based learning: integrating sampling and repeated decisions from experience. Psychol. Rev. 118(4), 523 (2011)CrossRef

12.

Roy, S., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V., Wu, Q.: A survey of game theory as applied to network security. In: 2010 43rd Hawaii International Conference on System Sciences (HICSS), (pp. 1-10). IEEE (2010)

13.

Camerer, C.: Behavioral game theory: experiments in strategic interaction. Princeton University Press, Princeton (2003)

14.

Alpcan, T., Başar, T.: Network security: a decision and game-theoretic approach. Cambridge University Press, Cambridge (2010)

15.

Crouse, M.: Performance Analysis of Cyber Deception Using Probabilistic Models (2012)

16.

Garg, N., Daniel, G.: Deception in honeynets: a game-theoretic analysis. Information Assurance and Security Workshop. IAW’07. IEEE SMC. IEEE, 2007

17.

Dutt, V., Gonzalez, C.: Making instance-based learning theory usable and understandable: the instance-based learning tool. Comput. Hum. Behav. 28(4), 1227–1240 (2012). doi:10.1016/j.chb.2012.02.006 CrossRef

18.

Gonzalez, C., Lerch, J.F., Lebiere, C.: Instance-based learning in dynamic decision making. Cogn. Sci. 27(4), 591–635 (2003). doi:10.1016/S0364-0213(03)00031-4 CrossRef

19.

Kahneman, D., Tversky, A.: Prospect theory: an analysis of decision under risk. Econometrica 263–291, (1979)

20.

Tversky, A., Kahneman, D.: Advances in prospect theory: cumulative representation of uncertainty. J Risk Uncertainty 5(4), 297–323 (1992)CrossRefMATH

21.

Nevo, I., Ido, E.: On surprise, change, and the effect of recent outcomes. Frontiers in psychology 3 (2012)

22.

George, L.: Cyber-physical attacks. Retrieved from http://www.professionalsecurity.co.uk/reviews/cyber-physical-attacks (2015)

23.

Titel: Cyber-Security: Role of Deception in Cyber-Attack Detection
verfasst von: Palvi Aggarwal
Cleotilde Gonzalez
Varun Dutt
Verlag: Springer International Publishing
Buch: Advances in Human Factors in Cybersecurity
Print ISBN: 978-3-319-41931-2

Electronic ISBN: 978-3-319-41932-9

Copyright-Jahr: 2016
DOI: https://doi.org/10.1007/978-3-319-41932-9_8

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"