A Model of Deception during Cyber-Attacks on Information Systems
Rowe_A_Model_of.pdf (262.5Kb)Abstract
Deception is a classic technique useful for military operations. With information systems around the world under frequent attack
every day, it is appropriate to consider analogies from conventional warfare, and deception has historically been powerful as both a
tactic and a strategy. We here systematically enumerate and rank the available deception options for information systems, both
offensively and defensively. We then consider how defensive deceptions can be packaged within "generic excuses" that will more
convincing to an attacker than isolated refusals to obey commands. We describe how the selection of the best generic excuses and
excuse application times can be formulated with probabilities as an optimization problem and solved. Our theory lends itself well to
computer implementation and we provide several examples.
Description
IEEE First Symposium on Multi-Agent Security and Survivability, Philadelphia, August 2004
Collections
Related items
Showing items related by title, author, creator and subject.
-
Deception: Theory and Practice
(Monterey, California. Naval Postgraduate School, 2012-06);This thesis explores the history of U.S. Army deception and doctrine, and combines the insights gained with the various works on deception, cognitive psychology, communications, and decision-making in order to distill a ... -
On Deceiving Terrorists
(2001-12);This thesis addresses the use of deception as one means available to states for dealing with terrorists. It begins by exploring the body of theoretical literature to establish the foundation necessary for a thorough ... -
The ethics of deception in cyberspace
(Monterey, California. Naval Postgraduate School, 2008);We examine the main ethical issues concerning deception in cyberspace. We first discuss the concept of deception and survey ethical theories applicable to cyberspace. We then examine deception for commercial gain such as ...
