Two Taxonomies of Deception for Attacks on Information Systems
Abstract
'Cyberwar' is information warfare directed at the software of information systems. It represents an increasing threat
to our militaries and civilian infrastructures. Six principles of military deception are enumerated and applied to
cyberwar. Two taxonomies of deception methods for cyberwar are then provided, making both offensive and
defensive analogies from deception strategies and tactics in conventional war to this new arena. One taxonomy has
been published in the military literature, and the other is based on case theory in linguistics. The application of both
taxonomies to cyberwar is new. We then show how to quantify and rank proposed deceptions for planning using
'suitability' numbers associated with the taxonomies. The paper provides planners for cyberwar with a more
comprehensive enumeration than any yet published to the tactics and strategies that they and their enemies may use.
Some analogies to deception in conventional warfare hold, but many do not, and careful thought and preparation
must be applied to any deception effort.
Description
This paper appeared in the Journal of Information Warfare, 3 (2), July 2004, 27-39.
Collections
Related items
Showing items related by title, author, creator and subject.
-
Counterplanning Deceptions to Foil Cyber-Attack Plans
Rowe, Neil C. (Monterey, California. Naval Postgraduate School, 2003-06);Tactics involving deception are important in military strategies. We have been exploring deliberate deception in defensive tactics by information systems under cyber-attack as during information warfare. We have developed ... -
Strategic Deception and Counterdeception, a Cognitive Process Approach
Heuer, Richards J. Jr. (Wiley, 1981-06);Research in experimental psychology is applied to an analysis of problems of strategic military deception and counterdeception. In conducting deception, the deceiver has a clear advantage; empirical evidence confirms ... -
Deception in defense of computer systems from cyber-attack
Rowe, Neil C. (Monterey, California. Naval Postgraduate School, 2007);While computer systems can be quite susceptible to deception by attackers, deception by defenders has increasingly been investigated in recent years. Military history has classic examples of defensive deceptions, but not ...