Skip to main content
Disciplines
Automotive
Business IT + Informatics
Construction + Real Estate
Electrical Engineering + Electronics
Energy + Sustainability
Insurance + Risk
Finance + Banking
Management + Leadership
Marketing + Sales
Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Start single access now
Request access for companies
EXTENDED SEARCH
Log in
Top

Hint

Swipe to navigate through the chapters of this book

Published in:
Integrating Cyber-D&D into Adversary Modeling for Active Cyber Defense Read chapter Read first chapter

2016 | OriginalPaper | Chapter

Cyber Security Deception

Authors : Mohammed H. Almeshekah, Eugene H. Spafford

Published in: Cyber Deception

Publisher: Springer International Publishing

Login to get access

Abstract

Our physical and digital worlds are converging at a rapid pace, putting a lot of our valuable information in digital formats. Currently, most computer systems’ predictable responses provide attackers with valuable information on how to infiltrate them. In this chapter, we discuss how the use of deception can play a prominent role in enhancing the security of current computer systems. We show how deceptive techniques have been used in many successful computer breaches. Phishing, social engineering, and drive-by-downloads are some prime examples. We discuss why deception has only been used haphazardly in computer security. Additionally, we discuss some of the unique advantages deception-based security mechanisms bring to computer security. Finally, we present a framework where deception can be planned and integrated into computer defenses.

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe



 


Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

inform now
previous chapter Integrating Cyber-D&D into Adversary Modeling for Active Cyber Defense
next chapter Quantifying Covertness in Deceptive Cyber Operations
Footnotes
5
This term is widely used to refer to enterprises’ employees bringing their own digital devises and using them to access the companies’ resources.
 
Literature
1.
2.
J. J. Yuill, Defensive Computer-Security Deception Operations: Processes, Principles and Techniques. PhD Dissertation, North Carolina State University, 2006.
3.
B. Cheswick, “An Evening with Berferd in Which a Cracker is Lured, Endured, and Studied,” in Proceedings of Winter USENIX Conference, (San Francisco), 1992.
4.
C. P. Stoll, The Cuckoo’s Egg: Tracing a Spy Through the Maze of Computer Espionage. Doubleday, 1989.
5.
6.
L. Spitzner, Honeypots: Tracking Hackers. Addison-Wesley Reading, 2003.
7.
G. H. Kim and E. H. Spafford, “Experiences with Tripwire: Using Integrity Checkers for Intrusion Detection,” tech. rep., Department of Computer, Purdue University, West Lafayette, IN, 1994.
8.
D. Dagon, X. Qin, G. Gu, W. Lee, J. Grizzard, J. Levine, and H. Owen, “Honeystat: Local Worm Detection Using Honeypots,” in Recent Advances in Intrusion Detection, pp. 39–58, Springer, 2004.
9.
10.
C. Mulliner, S. Liebergeld, and M. Lange, “Poster: Honeydroid-Creating a Smartphone Honeypot,” in IEEE Symposium on Security and Privacy, 2011.
11.
M. Wählisch, A. Vorbach, C. Keil, J. Schönfelder, T. C. Schmidt, and J. H. Schiller, “Design, Implementation, and Operation of a Mobile Honeypot,” tech. rep., Cornell University Library, 2013.
12.
C. Seifert, I. Welch, and P. Komisarczuk, “Honeyc: The Low Interaction Client Honeypot,” Proceedings of the 2007 NZCSRCS, 2007.
13.
K. G. Anagnostakis, S. Sidiroglou, P. Akritidis, K. Xinidis, E. Markatos, and A. D. Keromytis, “Detecting Targeted Attacks Using Shadow Honeypots,” in Proceedings of the 14th USENIX Security Symposium, 2005.
14.
D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, and N. Weaver, “Inside the Slammer Worm,” IEEE Security & Privacy, vol. 1, no. 4, pp. 33–39, 2003. CrossRef
15.
16.
17.
N. Rowe, E. J. Custy, and B. T. Duong, “Defending Cyberspace with Fake Honeypots,” Journal of Computers, vol. 2, no. 2, pp. 25–36, 2007. CrossRef
18.
T. Holz and F. Raynal, “Detecting Honeypots and Other Suspicious Environments,” in Information Assurance Workshop, pp. 29–36, IEEE, 2005.
19.
C. Kreibich and J. Crowcroft, “Honeycomb: Creating Intrusion Detection Signatures Using Honeypots,” ACM SIGCOMM Computer Communication Review, vol. 34, no. 1, pp. 51–56, 2004. CrossRef
20.
D. Moore, C. Shannon, D. J. Brown, G. M. Voelker, and S. Savage, “Inferring Internet Denial-of-Service Activity,” ACM Transactions on Computer Systems (TOCS), vol. 24, no. 2, pp.115–139, 2006.
21.
22.
J. J. Yuill, M. Zappe, D. Denning, and F. Feer, “Honeyfiles: Deceptive Files for Intrusion Detection,” in Information Assurance Workshop, pp. 116–122, IEEE, 2004.
23.
M. Bercovitch, M. Renford, L. Hasson, A. Shabtai, L. Rokach, and Y. Elovici, “HoneyGen: An Automated Honeytokens Generator,” in IEEE International Conference on Intelligence and Security Informatics (ISI’11), pp. 131–136, IEEE, 2011.
24.
A. Juels and R. L. Rivest, “Honeywords: Making Password-Cracking Detectable,” in Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 145–160, ACM, 2013.
25.
X. Chen, J. Andersen, Z. M. Mao, M. Bailey, and J. Nazario, “Towards an Understanding of Anti-Virtualization and Anti-Debugging Behavior in Modern Malware,” in IEEE International Conference on Dependable Systems and Networks, pp. 177–186, IEEE, 2008.
26.
M. Sourour, B. Adel, and A. Tarek, “Ensuring Security-In-Depth Based on Heterogeneous Network Security Technologies,” International Journal of Information Security, vol. 8, no. 4, pp. 233–246, 2009. CrossRef
27.
28.
R. V. Jones, Reflections on Intelligence. London: William Heinemann Ltd, 1989.
29.
M. H. Almeshekah, Using Deception to Enhance Security: A Taxonomy, Model and Novel Uses. PhD thesis, Purdue University, 2015.
30.
M. Harkins, “A New Security Architecture to Improve Business Agility,” in Managing Risk and Information Security, pp. 87–102, Springer, 2013.
31.
32.
E. M. Hutchins, M. J. Cloppert, and R. M. Amin, “Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains,” Leading Issues in Information Warfare & Security Research, vol. 1, p. 80, 2011.
33.
34.
35.
K. D. Mitnick and W. L. Simon, The Art of Deception: Controlling the Human Element of Security. Wiley, 2003.
36.
P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Kruegel, and G. Vigna, “Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis,” in The 2007 Network and Distributed System Security Symposium (NDSS’07), 2007.
37.
A. Barth, C. Jackson, and J. C. Mitchell, “Robust Defenses for Cross-Site Request Forgery,” Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS’08), 2008.
38.
39.
M. H. Almeshekah and E. H. Spafford, “Planning and Integrating Deception into Computer Security Defenses,” in New Security Paradigms Workshop (NSPW’14), (Victoria, BC, Canada), 2014.
40.
J. B. Bell and B. Whaley, Cheating and Deception. Transaction Publishers New Brunswick, 1991.
41.
M. Bennett and E. Waltz, Counterdeception Principles and Applications for National Security. Artech House, 2007.
42.
J. R. Thompson, R. Hopf-Wichel, and R. E. Geiselman, “The Cognitive Bases of Intelligence Analysis,” tech. rep., US Army Research Institute for the Behavioral and Social Sciences, 1984.
43.
R. Jervis, Deception and Misperception in International Politics. Princeton University Press, 1976.
44.
G. Hofstede, G. Hofstede, and M. Minkov, Cultures and Organizations. McGraw-Hill, 3rd ed., 2010.
45.
D. Gus and D. Dorner, “Cultural Difference in Dynamic Decision-Making Strategies in a Non-lines, Time-delayed Task,” Cognitive Systems Research, vol. 12, no. 3–4, pp. 365–376, 2011. CrossRef
46.
R. Godson and J. Wirtz, Strategic Denial and Deception. Transaction Publishers, 2002.
47.
A. Tversky and D. Kahneman, “Judgment under Uncertainty: Heuristics and Biases.,” Science, vol. 185, pp. 1124–31, Sept. 1974.
48.
S. A. Sloman, “The Empirical Case for Two Systems of Reasoning,” Psychological Bulletin, vol. 119, no. 1, pp. 3–22, 1996. CrossRef
49.
A. Tversky and D. Koehler, “Support Theory: A Nonextensional Representation of Subjective Probability.,” Psychological Review, vol. 101, no. 4, p. 547, 1994.
50.
A. Tversky and D. Kahneman, “Extensional Versus Intuitive Reasoning: The Conjunction Fallacy in Probability Judgment,” Psychological review, vol. 90, no. 4, pp. 293–315, 1983. CrossRef
51.
L. Zhao and M. Mannan, “Explicit Authentication Response Considered Harmful,” in New Security Paradigms Workshop (NSPW ’13), (New York, New York, USA), pp. 77–86, ACM Press, 2013.
52.
R. S. Nickerson, “Confirmation Bias: A Ubiquitous Phenomenon in Many Guises,” Review of General Psychology, vol. 2, pp. 175–220, June 1998.
53.
C. Sample, “Applicability of Cultural Markers in Computer Network Attacks,” in 12th European Conference on Information Warfare and Security, (University of Jyvaskyla, Finland), pp. 361–369, 2013.
54.
S. B. Murphy, J. T. McDonald, and R. F. Mills, “An Application of Deception in Cyberspace: Operating System Obfuscation,” in Proceedings of the 5th International Conference on Information Warfare and Security (ICIW 2010), pp. 241–249, 2010.
55.
W. Wang, J. Bickford, I. Murynets, R. Subbaraman, A. G. Forte, and G. Singaraju, “Detecting Targeted Attacks by Multilayer Deception,” Journal of Cyber Security and Mobility, vol. 2, no. 2, pp. 175–199, 2013. CrossRef
56.
X. Fu, On Traffic Analysis Attacks and Countermeasures. PhD Dissertation, Texas A & M University, 2005.
57.
S. A. Hofmeyr, S. Forrest, and A. Somayaji, “Intrusion Detection Using Sequences of System Calls,” Journal of Computer Security, vol. 6, no. 3, pp. 151–180, 1998. CrossRef
58.
F. Cohen and D. Koike, “Misleading Attackers with Deception,” in Proceedings from the 5th annual IEEE SMC Information Assurance Workshop, pp. 30–37, IEEE, 2004.
59.
T. E. Carroll and D. Grosu, “A Game Theoretic Investigation of Deception in Network Security,” Security and Communication Networks, vol. 4, no. 10, pp. 1162–1172, 2011. CrossRef
60.
R. Hesketh, Fortitude: The D-Day Deception Campaign. Woodstock, NY: Overlook Hardcover, 2000.
Metadata
Title
Cyber Security Deception
Authors
Mohammed H. Almeshekah
Eugene H. Spafford
Copyright Year
2016
Book
Cyber Deception

Print ISBN: 978-3-319-32697-9

Electronic ISBN: 978-3-319-32699-3

Copyright Year: 2016

DOI
https://doi.org/10.1007/978-3-319-32699-3_2

Premium Partner

Neuer Inhalt
    Image Credits