Finding Logically Consistent Resource-Deception Plans for Defense in Cyberspace
Loading...
Authors
Rowe, Neil C.
Subjects
Advisors
Date of Issue
2007-05
Date
May 2007
Publisher
Monterey, California. Naval Postgraduate School
Language
Abstract
We explore a new approach to defense of computer systems, deliberately deceiving attackers as to resource availability. This can be
more effective than outright denial of access because it encourages an attacker to waste time continuing their attack. But effective
deceptions must be consistent to convince an adversary. We are exploring automated methods for maintaining logical consistency by
tracking assertions made so far with associated causal and other indirect implications. We have built a deception planner that takes
as input as sequence of operating-system commands and finds the possible consistent deceptions as per our logical constraints, and
rates the deceptions using several criteria. In a test on a generic planning model of rootkit installation, it found 72 of 558 possible
deceptions were acceptable and rated them.
Type
Conference Paper
Description
This paper appeared in the Third International Symposium on Security in Networks and Distributed Systems, Niagra Falls, Ontario,
Canada, pp. 563-568, May 2007.
Series/Report No
Department
Organization
Identifiers
NPS Report Number
Sponsors
supported by the National Science Foundation under the Cyber Trust Program
Funder
Format
Citation
Distribution Statement
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.