A Model of Deception during Cyber-Attacks on Information Systems
Rowe, Neil C.
MetadataShow full item record
Deception is a classic technique useful for military operations. With information systems around the world under frequent attack every day, it is appropriate to consider analogies from conventional warfare, and deception has historically been powerful as both a tactic and a strategy. We here systematically enumerate and rank the available deception options for information systems, both offensively and defensively. We then consider how defensive deceptions can be packaged within "generic excuses" that will more convincing to an attacker than isolated refusals to obey commands. We describe how the selection of the best generic excuses and excuse application times can be formulated with probabilities as an optimization problem and solved. Our theory lends itself well to computer implementation and we provide several examples.
IEEE First Symposium on Multi-Agent Security and Survivability, Philadelphia, August 2004
Showing items related by title, author, creator and subject.
Monroe, James D. (Monterey, California. Naval Postgraduate School, 2012-06);This thesis explores the history of U.S. Army deception and doctrine, and combines the insights gained with the various works on deception, cognitive psychology, communications, and decision-making in order to distill a ...
Higginbotham, Benjamin I. (2001-12);This thesis addresses the use of deception as one means available to states for dealing with terrorists. It begins by exploring the body of theoretical literature to establish the foundation necessary for a thorough ...
Rowe, Neil C. (Monterey, California. Naval Postgraduate School, 2008);We examine the main ethical issues concerning deception in cyberspace. We first discuss the concept of deception and survey ethical theories applicable to cyberspace. We then examine deception for commercial gain such as ...