Quantum Communication Uplink to a 3U CubeSat: Feasibility & Design

Satellites are the efficient way to achieve global scale quantum communication (Q.Com) because unavoidable losses restrict fiber based Q.Com to a few hundred kilometers. We demonstrate the feasibility of establishing a Q.Com uplink with a tiny 3U CubeSat (measuring just 10X10X32 cm^3 ) using commercial off-the-shelf components, the majority of which have space heritage. We demonstrate how to leverage the latest advancements in nano-satellite body-pointing to show that our 4kg CubeSat can provide performance comparable to much larger 600kg satellite missions. A comprehensive link budget and simulation was performed to calculate the secure key rates. We discuss design choices and trade-offs to maximize the key rate while minimizing the cost and development needed. Our detailed design and feasibility study can be readily used as a template for global scale Q.Com.Comment: 24 pages, 9 figures, 2 tables. Fixed tables and figure

Designing Host and Network Sensors to Mitigate the Insider Threat

We propose a design for insider threat detection that combines an array of complementary techniques that aims to detect evasive adversaries. We are motivated by real world incidents and our experience with building isolated detectors: such standalone mechanisms are often easily identified and avoided by malefactors. Our work-in-progress combines host-based user-event monitoring sensors with trap-based decoys and remote network detectors to track and correlate insider activity. We identify several challenges in scaling up, deploying, and validating our architecture in real environments

Fox in the Trap: Thwarting Masqueraders via Automated Decoy Document Deployment

Organizations face a persistent challenge detecting malicious insiders as well as outside attackers who compromise legitimate credentials and then masquerade as insiders. No matter how good an organization’s perimeter defenses are, eventually they will be compromised or betrayed from the inside. Monitored decoy documents (honey files with enticing names and content) are a promising approach to aid in the detection of malicious masqueraders and insiders. In this paper, we present a new technique for decoy document distribution that can be used to improve the scalability of insider detection. We develop a placement application that automates the deployment of decoy documents and we report on two user studies to evaluate its effectiveness. The first study indicates that our automated decoy distribution tool is capable of strategically placing decoy files in a way that offers comparable security to optimal manual deployment. In the second user study, we measure the frequency that normal users access decoy documents on their own systems and show that decoy files do not significantly interfere with normal user tasks

Deep Down the Rabbit Hole: On References in Networks of Decoy Elements

Deception technology has proven to be a sound approach against threats to information systems. Aside from well-established honeypots, decoy elements, also known as honeytokens, are an excellent method to address various types of threats. Decoy elements are causing distraction and uncertainty to an attacker and help detecting malicious activity. Deception is meant to be complementing firewalls and intrusion detection systems. Particularly insider threats may be mitigated with deception methods. While current approaches consider the use of multiple decoy elements as well as context-sensitivity, they do not sufficiently describe a relationship between individual elements. In this work, inter-referencing decoy elements are introduced as a plausible extension to existing deception frameworks, leading attackers along a path of decoy elements. A theoretical foundation is introduced, as well as a stochastic model and a reference implementation. It was found that the proposed system is suitable to enhance current decoy frameworks by adding a further dimension of inter-connectivity and therefore improve intrusion detection and prevention