Research on Deception in Defense of Information Systems
| dc.contributor.author | Rowe, Neil C. | |
| dc.contributor.author | Auguston, Mikhail | |
| dc.contributor.author | Drusinsky, Doron | |
| dc.contributor.author | Michael, J. Bret | |
| dc.contributor.department | Computer Science (CS) | |
| dc.date | June 2004 | |
| dc.date.accessioned | 2013-09-20T17:14:51Z | |
| dc.date.available | 2013-09-20T17:14:51Z | |
| dc.date.issued | 2004-06 | |
| dc.description | This paper appeared in the Command and Control Research and Technology Symposium, San Diego, CA, June 2004. | en_US |
| dc.description.abstract | Our research group has been broadly studying the use of deliberate deception by software to foil attacks on information systems. This can provide a second line of defense when access controls have been breached or against insider attacks. The thousands of new attacks being discovered every year that subvert access controls say that such a second line of defense is desperately needed. We have developed a number of demonstration systems, including a fake directory system intended to waste the time of spies, a Web information resource that delays suspicious requests, a modified file-download utility that pretends to succumb to a buffer overflow, and a tool for systematically modifying an operating system to insert deceptive responses. We are also developing an associated theory of deception that can be used to analyze and create offensive and defensive deceptions, with especial attention to reasoning about time using temporal logic. We conclude with some discussion of the legal implications of deception by computers. | en_US |
| dc.description.distributionstatement | Approved for public release; distribution is unlimited. | |
| dc.identifier.uri | https://hdl.handle.net/10945/36583 | |
| dc.publisher | Monterey, California. Naval Postgraduate School | en_US |
| dc.title | Research on Deception in Defense of Information Systems | en_US |
| dc.type | Conference Paper | en_US |
| dspace.entity.type | Publication |
