A Model of Deception during Cyber-Attacks on Information Systems

Abstract

Deception is a classic technique useful for military operations. With information systems around the world under frequent attack every day, it is appropriate to consider analogies from conventional warfare, and deception has historically been powerful as both a tactic and a strategy. We here systematically enumerate and rank the available deception options for information systems, both offensively and defensively. We then consider how defensive deceptions can be packaged within "generic excuses" that will more convincing to an attacker than isolated refusals to obey commands. We describe how the selection of the best generic excuses and excuse application times can be formulated with probabilities as an optimization problem and solved. Our theory lends itself well to computer implementation and we provide several examples.