nach oben

vorheriges Kapitel A Proactive and Deceptive Perspective for Role ...

nächstes Kapitel Cyber-Deception and Attribution in Capture-the-...

Tipp

Weitere Kapitel dieses Buchs durch Wischen aufrufen

2016 | OriginalPaper | Buchkapitel

Effective Cyber Deception

Erstes Kapitel lesen

Autor: A. J. Underbrink

Verlag: Springer International Publishing

Erschienen in: Cyber Deception

» Jetzt Zugang zum Volltext erhalten

Abstract

Cyber deception may be an effective solution to exposing and defeating malicious users of information systems. Malicious users of an information system include cyber intruders, advanced persistent threats, and malicious insiders. Once such users gain unobstructed access to, and use of, the protected information system, it is difficult to distinguish between legitimate and illegitimate users.

We view cyber deception as comprised of two broad categories: active deception and passive deception. Active deception proactively applies strategies and actions to respond to the presence of malicious users of an information system. Actions of a malicious user are anticipated prior to their execution and counter actions are predicted and taken to prevent their successful completion or to misinform the user. Active deception may employ decoy systems and infrastructure to conduct deception of malicious users and sometimes assumes that a malicious user has already been detected and possibly confirmed by sensing systems.

Passive deception employs decoy systems and infrastructure to detect reconnaissance and to expose malicious users of an information system. Decoy systems and services are established within the protected boundary of the information system. Interactions with decoy systems and services may be considered suspicious, if not conclusively malicious. Since reconnaissance and exploration of the information system are the first steps in the process of attacking an information system, detecting reconnaissance enables an active defense system to quickly identify a malicious user and take action. Like active deception, passive deception can provide misinformation to the malicious reconnaissance. We argue that effective cyber deception includes both active and passive techniques.

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Jetzt einloggen Kostenlos registrieren

Sie möchten Zugang zu diesem Inhalt erhalten? Dann informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 69.000 Bücher
über 500 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Umwelt
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe

Testen Sie jetzt 30 Tage kostenlos.

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 50.000 Bücher
über 380 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Umwelt
Maschinenbau + Werkstoffe

Testen Sie jetzt 30 Tage kostenlos.

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 58.000 Bücher
über 300 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb

Testen Sie jetzt 30 Tage kostenlos.

Jetzt informieren

Abbasi, F. H., & Harris, R. J. (2009). Experiences with a generation III virtual honeynet. In Telecommunication Networks and Applications Conference (ATNAC) (pp. 1–6).

Borders, K., Falk, L., & Prakash, A. (2007). OpenFire: Using deception to reduce network attacks. Paper presented at the Third International Conference on Security and Privacy in Communications Networks and the Workshops (SecureComm 2007)

Bowen, B. M., Hershkop, S., Keromytis, A. D., & Stolfo, S. J. (2009). Baiting inside attackers using decoy documents In Security and privacy in communication networks (pp. 51–70). Berlin: Springer.

Bowen, B. M., Kemerlis, V. P., Prabhu, P., Keromytis, A. D., & Stolfo, S. J. (2010). Automating the injection of believable decoys to detect snooping. Paper presented at the Proceedings of the third ACM conference on Wireless network security. CrossRef

Filar, J., and Vrieze, K. (1997). Competitive Markov Decision Processes, Springer, NY. MATH

Gerwehr, S., & Anderson, R. H. (2000). Employing deception in INFOSEC. Paper presented at the Information Survivability Workshop (isw2000).

Levine, J., LaBella, R., Owen, H., Contis, D., & Culver, B. (2003). The use of Honeynets to detect exploited systems across large enterprise networks. Paper presented at the Information Assurance Workshop, 2003. IEEE Systems, Man and Cybernetics Society. CrossRef

Michael, J. B., & Wingfield, T. C. (2003). Lawful cyber decoy policy. In D. Gritzalis, S. C. Vimercati, P. Samarati & K. Sokratis (Eds.), Security and privacy in the age of uncertainty (pp. 483-488). Boston, MA: Kluwer. CrossRef

Neagoe, V., & Bishop, M. (2007). Inconsistency in deception for defense. In Proceedings of the 2006 Workshop on New Security Paradigms (pp. 31-38). New York: ACM Press.

10.

Niels, P., & Thorsten, H. (2007). Virtual honeypots: from botnet tracking to intrusion detection: Addison-Wesley Professional.

11.

Perla, E., and Oldani, M. (2011). PART III, Remote Kernel Exploitation in: A Guide to Kernel Exploitation: Attacking the Core, by Syngress, Amsterdam, NL.

12.

Rowe, N. C. (2006). A Taxonomy of deception in cyberspace. In International Conference on Information Warfare and Security. Princess Anne, MD.

13.

Rowe, N. C. (2007). Deception in defense of computer systems from cyber-attack. In A. Colarik & L. Janczewski (Eds.), Encyclopedia of Cyber War and Cyber Terrorism. Hershey, PA: The Idea Group.

14.

Rowe, N. C., Goh, H., Lim, S., & Duong, B. (2007). Experiments with a testbed for automated defensive deception planning for cyber-attacks. In L. Armistead (Ed.), 2nd International Conference on i-Warfare and Security (ICIW 2007) (pp. 185-194). Monterey, California, USA.

15.

Ryu, C., Sharman, R., Rao, H. R., & Upadhyaya, S. (2009). Security protection design for deception and real system regimes: A model and analysis. European Journal of Operational Research, 201(2), 545–556. CrossRefMATH

16.

Spitzner, L. (2003). Honeypots: Tracking hackers. Boston, MA: Pearson Education.

17.

Tirenin, W., & Faatz, D. (1999). A concept for strategic cyber defense. In Military Communications Conference Proceedings (Vol. 1, pp. 458-463). Atlantic City, NJ: IEEE.

18.

Yuill, J. J. (2006). Defensive computer-security deception operations: Processes, principles and techniques. Unpublished dissertation, North Carolina State University.

19.

Yuill, J. J., Denning, D., & Feer, F. (2006). Using deception to hide things from hackers: Processes, principles, and techniques. Journal of Information Warfare, 5(3), 26–40.

Titel

Effective Cyber Deception

Buch

Cyber Deception

Print ISBN: 978-3-319-32697-9

Electronic ISBN: 978-3-319-32699-3

https://doi.org/10.1007/978-3-319-32699-3

DOI

https://doi.org/10.1007/978-3-319-32699-3_6

Autor:

A. J. Underbrink

Verlag

Springer International Publishing

Sequenznummer

Premium Partner

BranchenIndex Online

Die B2B-Firmensuche für Industrie und Wirtschaft: Kostenfrei in Firmenprofilen nach Lieferanten, Herstellern, Dienstleistern und Händlern recherchieren.

Zur B2B-Firmensuche

Whitepaper

- ANZEIGE -

Best Practices für die Mitarbeiter-Partizipation in der Produktentwicklung

Unternehmen haben das Innovationspotenzial der eigenen Mitarbeiter auch außerhalb der F&E-Abteilung erkannt. Viele Initiativen zur Partizipation scheitern in der Praxis jedoch häufig. Lesen Sie hier - basierend auf einer qualitativ-explorativen Expertenstudie - mehr über die wesentlichen Problemfelder der mitarbeiterzentrierten Produktentwicklung und profitieren Sie von konkreten Handlungsempfehlungen aus der Praxis.
Jetzt gratis downloaden!

Bildnachweise

Neuer Inhalt/© ITandMEDIA, Best Practices für die Mitarbeiter-Partizipation in der Produktentwicklung/© astrosystem | stock.adobe.com