Show simple item record

dc.contributor.authorRowe, Neil C.
dc.dateDecember 2004
dc.date.accessioned2013-09-18T16:39:31Z
dc.date.available2013-09-18T16:39:31Z
dc.date.issued2004-12
dc.identifier.citation2004 Computer Security Applications Conference, Tucson, AZ, December.
dc.identifier.urihttp://hdl.handle.net/10945/36429
dc.descriptionThis paper appeared in the 2004 Computer Security Applications Conference, Tucson, AZ, December.en_US
dc.description.abstractSince attackers trust computer systems to tell them the truth, it may be effective for those systems to lie or mislead. This could waste the attacker's resources while permitting time to organize a better defense, and would provide a second line of defense when access controls have been breached. We propose here a probabilistic model of attacker beliefs in each of a set of "generic excuses" (including deception) for their inability to accomplish their goals. We show how the model can be updated by evidence presented to the attacker and feedback from the attacker's own behavior. We show some preliminary results with human subjects supporting our theory. We show how this analysis permits choosing appropriate times and methods to deceive the attacker.en_US
dc.description.sponsorshipsupported by the U.S. National Science Foundation under the Cyber Trust programen_US
dc.publisherMonterey, California. Naval Postgraduate Schoolen_US
dc.rightsApproved for public release, distribution unlimiteden_US
dc.titleDesigning Good Deceptions in Defense of Information Systemsen_US
dc.typeConference Paperen_US
dc.contributor.corporateCebrowski Institute


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record