Weitere Kapitel dieses Buchs durch Wischen aufrufen
Cyber deception can become an essential component of organizing cyber operations in the modern cyber landscape. Cyber defenders and mission commanders can use cyber deception as an effective means for protecting mission cyber assets and ensuring mission success, through deceiving and diverting adversaries during the course of planning and execution of cyber operations and missions. To enable effective integration of cyber deception, it would be necessary to create a systematic design process for building a robust and sustainable deception system with extensible deception capabilities guided by a Command and Control interface compatible with current Department of Defense and civilian cyber operational practices and standards. In this chapter, the authors discuss various design aspects of designing cyber deception systems that meet a wide range of cyber operational requirements and are appropriately aligned with mission objectives. These design aspects include general deception goals, deception design taxonomy, tradeoff analysis, deception design process, design considerations such as modularity, interfaces and effect to cyber defenders, interoperability with current tools, deception scenarios, adversary engagement, roles of deception in cyber kill chains, and metrics such as adversary work factor. The authors expect to present the challenges and opportunities of designing cyber deception systems and to trigger further thoughts and discussions in the broader research community.
Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten
Sie möchten Zugang zu diesem Inhalt erhalten? Dann informieren Sie sich jetzt über unsere Produkte:
FM101-5_mdmp. “The Military Decision-Making Process”
“THE JOINT OPERATION PLANNING PROCESS FOR AIR,” Last Updated: 09 November 2012
“Command and Control of Joint Air Operations”, Joint Publication 3–30, 10 February 2014
Joint Publication 1–13.4 “Military Deception”, 26 January 2012
“Thwarting Cyber-Attack Reconnaissance with Inconsistency and Deception”, by Neil C. Rowe and Han C. Goh
NIST Pub 800.53, Rev.4 SC26-SC30
CERIAS Tech Report 2015–11 “Using Deception to Enhance Security: A Taxonomy, Model, and Novel Uses”, by Mohammed H. Almeshekah, Center for Education and Research Information Assurance and Security, Perdue University
Joint Publication 3-12(R) “Cyberspace Operations”, 5 Feb 2013
“Cyber Resiliency & Agility – Call to Action”, by Suzanne Hassell, MITRE Resiliency Workshop May 31, 2012
“Planning Cost-Effective Deceptive Resource Denial in Defense to Cyber-Attacks”, by Neil Rowe. In Proceedings of the 2nd International Conference on Information Warfare & Security, page 177. Academic Conferences Limited, 2007
“Cheating and Deception”, by J. Bowyer Bell and Barton Whaley. Transaction Publishers New Brunswick, 1991.
“The Essence of Winning and Losing”, by Boyd, John, R., 28 June 1995.
“Defending Cyberspace with Fake Honeypots”, by Neil Rowe, E. John Custy, and Binh T. Duong. Journal of Computers, 2(2):25–36, 2007.
“Victory and Deceit: Deception and Trickery at War”, by James F. Dunnigan and Albert A. Nofi. Writers Club Press, 2001.
“Confirmation Bias: A Ubiquitous Phenomenon in Many Guises”, by Raymond S. Nickerson. Review of General Psychology, 2(2):175–220, June 1998
“Extensional Versus Intuitive Reasoning: The Conjunction Fallacy in Probability Judgment”, by Amos Tversky and Daniel Kahneman. Psychological review, 90(4):293–315, 1983.
“Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains”, by Eric M. Hutchins, Michael J. Cloppert, and Rohan M. Amin, Leading Issues in Information Warfare & Security Research, 1:80, 2011.
“Fortitude: The D-Day Deception Campaign”, Roger Hesketh. Overlook Hardcover, Woodstock, NY, 2000.
- Design Considerations for Building Cyber Deception Systems
Neuer Inhalt/© ITandMEDIA, Best Practices für die Mitarbeiter-Partizipation in der Produktentwicklung/© astrosystem | stock.adobe.com