Delaying-type responses for use by software decoys
dc.contributor.advisor | Rowe, Neil C. | |
dc.contributor.advisor | Michael, J. Bret | |
dc.contributor.author | Julian, Donald P. | |
dc.date | September 2002 | |
dc.date.accessioned | 2012-03-14T17:44:00Z | |
dc.date.available | 2012-03-14T17:44:00Z | |
dc.date.issued | 2002-09 | |
dc.identifier.uri | https://hdl.handle.net/10945/5043 | |
dc.description.abstract | Modern intrusion detection systems have become highly reliable in identifying a malicious user on a computer system. Their limitations, though, are increasing the need for an intelligent response to an intrusion. In contrast, intelligent software decoys provide autonomous software-based responses to identified intrusions. In this thesis, we explore conducting military deception, focusing on the use of software-driven simulations to respond to the actions of intruders. In particular, this thesis focuses on a model of a simple deceptive response that is intended to protect a search-type program from a buffer-overflow attack. During our study, we found that after identifying an attack attempt, simulating system saturation with processing delays worked well to deceive a prospective attacker. We also experimented with providing confusing reactions to an identified attack attempt, such as simulated network login screens and fake root-shells. The results were successful, simple reactions to intrusions that mimicked intended system interaction, and they proved to be adequate at implementing the deception principles we studied. | en_US |
dc.description.uri | http://archive.org/details/delayingtyperesp109455043 | |
dc.format.extent | xvi, 59 p. : ill. | en_US |
dc.publisher | Monterey, California. Naval Postgraduate School | en_US |
dc.rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. | en_US |
dc.subject.lcsh | Computers | en_US |
dc.subject.lcsh | Access control | en_US |
dc.subject.lcsh | Computer security | en_US |
dc.title | Delaying-type responses for use by software decoys | en_US |
dc.type | Thesis | en_US |
dc.contributor.department | Computer Science (CS) | |
dc.subject.author | Intelligent software decoys | en_US |
dc.subject.author | Intrusion detection | en_US |
dc.subject.author | Computer deception | en_US |
dc.subject.author | Decoy response | en_US |
dc.subject.author | Military deception | en_US |
dc.subject.author | Simple deceptive response | en_US |
dc.description.service | Major, United States Marine Corps | en_US |
etd.thesisdegree.name | M.S. in Computer Science | en_US |
etd.thesisdegree.level | Masters | en_US |
etd.thesisdegree.discipline | Computer Science | en_US |
etd.thesisdegree.grantor | Naval Postgraduate School | en_US |
etd.verified | no | en_US |
dc.description.distributionstatement | Approved for public release; distribution is unlimited. |
Files in this item
This item appears in the following Collection(s)
-
1. Thesis and Dissertation Collection, all items
Publicly releasable NPS Theses, Dissertations, MBA Professional Reports, Joint Applied Projects, Systems Engineering Project Reports and other NPS degree-earning written works.