Delaying-type responses for use by software decoys

Download
Author
Julian, Donald P.
Date
2002-09Advisor
Rowe, Neil C.
Michael, J. Bret
Metadata
Show full item recordAbstract
Modern intrusion detection systems have become highly reliable in identifying a malicious user on a computer system. Their limitations, though, are increasing the need for an intelligent response to an intrusion. In contrast, intelligent software decoys provide autonomous software-based responses to identified intrusions. In this thesis, we explore conducting military deception, focusing on the use of software-driven simulations to respond to the actions of intruders. In particular, this thesis focuses on a model of a simple deceptive response that is intended to protect a search-type program from a buffer-overflow attack. During our study, we found that after identifying an attack attempt, simulating system saturation with processing delays worked well to deceive a prospective attacker. We also experimented with providing confusing reactions to an identified attack attempt, such as simulated network login screens and fake root-shells. The results were successful, simple reactions to intrusions that mimicked intended system interaction, and they proved to be adequate at implementing the deception principles we studied.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
Total Ownership Cost—System Software Impacts
Naegle, Brad R. (Monterey, California. Naval Postgraduate School, 2017-04); NPS-CE-17-042Department of Defense (DoD) software-intensive systems and the software content in other systems will continue to grow and may dominate total ownership costs (TOC) in the future. These costs are exacerbated by the fact ... -
Total ownership cost - system software impacts
Naegle, Brad R. (Monterey, California. Naval Postgraduate School, 2017-04-19); NPS-CE-17-042Department of Defense (DoD) software-intensive systems and the software content in other systems will continue to grow and may dominate total ownership costs (TOC) in the future. These costs are exacerbated by the fact ... -
Achieving Better Buying Power for Mobile Open Architecture Software Systems through Diverse Acquisition Scenarios
Scacchi, Walt; Alspaugh, Thomas A. (Monterey, California. Naval Postgraduate School, 2017-05); UCI-AM-17-041This research seeks to identify, track, and analyze software component costs and cost reduction opportunities within diverse acquisition life cycle scenarios for open architecture systems accommodating Web-based and mobile ...