Planning Cost-Effective Deceptive Resource Denial in Defense to Cyber-Attacks
Rowe, Neil C.
Cyber-attacks against computer systems that provide valuable services can often be effectively defended by tactics of deliberately deceptive resource denial. Delaying in response to suspicious requests is one example; it permits time to develop a good defense, facilitates analysis of the attacks and formulation of a response, and may little affect legitimate users. But delays can look suspicious; a better tactic can be for the operating system to falsely claim unavailability of some critical resources that the attacker needs (files, directories, access rights, network connections, or software). This can be more effective than using “security policy” as an excuse to deny those resources because it is unexpected and more flexible. We formulate a decision-theoretic approach to the problem of deciding when to deceive by resource denial in a sequence of interactions with a user of an operating system, and provide general formulae for decisions in planning deceptions. Our theory covers both reactive and proactive deception, and both single-session and multi-session attacks. We also provide additional criteria to ensure logically consistent tactics. We provide some evidence from a survey of users to support our modeling.
This paper appeared in the 2nd International Conference in I-Warfare and Security, Monterey CA, USA, March 2007.