Modelling Of The State Of Systems With Defensive Deception

Keywords

Abstract model; CND; Cyber Defensive Deception; State Machine model

Abstract

Cyber deception is usually synonymous with nefarious activities led by attackers. Motivated attackers will stop at nothing to accomplish their mission and deception is amongst the tools they use. Cyber defenders have also begun using deception as an instrument to further enhance overall defensive strength. Deception has been leveraged to research attacker behaviors and their associated tactic techniques and procedures using custom built monitoring systems commonly referred to as honeypots. More recently several cyber defense deception models have been proposed to better understand the mechanisms involved with applying deception as a defensive instrument. This paper surveys three models of deception and formulates an abstract view of the deception process. Using this abstract view a state machine model has been developed to characterize the flow of events and high level changes that occur with the elements under scrutiny during a deception. This model provides an insight into how the state of the system hosting the deception changes based on implementing the deception and the actions of attackers.

Publication Date

3-17-2017

Publication Title

Proceedings - 2016 International Conference on Computational Science and Computational Intelligence, CSCI 2016

Number of Pages

1031-1036

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1109/CSCI.2016.0197

Socpus ID

85017314681 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/85017314681

This document is currently not available here.

Share

COinS