Game of Travesty: Decoy-based Psychological Cyber Deception for Proactive Human Agents
The concept of cyber deception has been receiving emerging attention. The
development of cyber defensive deception techniques requires interdisciplinary
work, among which cognitive science plays an important role. In this work, we
adopt a signaling game framework between a defender and a human agent to
develop a cyber defensive deception protocol that takes advantage of the
cognitive biases of human decision-making using quantum decision theory to
combat insider attacks (IA). The defender deceives an inside human attacker by
luring him to access decoy sensors via generators producing perceptions of
classical signals to manipulate the human attacker's psychological state of
mind. Our results reveal that even without changing the classical traffic data,
strategically designed generators can result in a worse performance for
defending against insider attackers in identifying decoys than the ones in the
deceptive scheme without generators, which generate random information based on
input signals. The proposed framework leads to fundamental theories in
designing more effective signaling schemes.
Cyber Insurance for Cyber Resilience
Cyber insurance is a complementary mechanism to further reduce the financial
impact on the systems after their effort in defending against cyber attacks and
implementing resilience mechanism to maintain the system-level operator even
though the attacker is already in the system. This chapter presents a review of
the quantitative cyber insurance design framework that takes into account the
incentives as well as the perceptual aspects of multiple parties. The design
framework builds on the correlation between state-of-the-art attacker vectors
and defense mechanisms. In particular, we propose the notion of residual risks
to characterize the goal of cyber insurance design. By elaborating the
insurer's observations necessary for the modeling of the cyber insurance
contract, we make a comparison between the design strategies of the insurer under
scenarios with different monitoring rules. These distinct but practical
scenarios give rise to the concept of the intensity of the moral hazard issue.
Using the modern techniques in quantifying the risk preferences of individuals,
we link the economic impacts of perception manipulation with moral hazard. With
the joint design of cyber insurance design and risk perceptions, cyber
resilience can be enhanced under mild assumptions on the monitoring of
insurees' actions. Finally, we discuss possible extensions on the cyber
insurance design framework to more sophisticated settings and the regulations
to strengthen the cyber insurance markets.
Network Topology Mutation as Moving Target Defense for Corporate Networks
The paper introduces topology mutation – a novel concept in Moving Target Defense (MTD). MTD is a new technique that represents a significant shift in cyber defense. Traditional cybersecurity techniques have primarily focused on the passive defense of static networks only. In the MTD approach, cyber attackers are confused by making the attack surface dynamic, and thus harder to probe and infiltrate. The emergence of Network Functions Virtualization (NFV) and Software-Defined Networking (SDN) technology has opened up new possibilities in network architecture management. The application of combined NFV and SDN technologies provides a unique platform for implementing MTD techniques for securing the network infrastructure by morphing the logical view of the network topology.
Three Decades of Deception Techniques in Active Cyber Defense -- Retrospect and Outlook
Deception techniques have been widely seen as a game changer in cyber
defense. In this paper, we review representative techniques in honeypots,
honeytokens, and moving target defense, spanning from the late 1980s to the
year 2021. Techniques from these three domains complement each other and
may be leveraged to build a holistic deception based defense. However, to the
best of our knowledge, there has not been a work that provides a systematic
retrospect of these three domains all together and investigates their
integrated usage for orchestrated deceptions. Our paper aims to fill this gap.
By utilizing a tailored cyber kill chain model which can reflect the current
threat landscape and a four-layer deception stack, a two-dimensional taxonomy
is developed, based on which the deception techniques are classified. The
taxonomy literally answers which phases of a cyber attack campaign the
techniques can disrupt and which layers of the deception stack they belong to.
Cyber defenders may use the taxonomy as a reference to design an organized and
comprehensive deception plan, or to prioritize deception efforts for a
budget-conscious solution. We also discuss two important points for achieving active
and resilient cyber defense, namely deception in depth and deception lifecycle,
where several notable proposals are illustrated. Finally, some outlooks on
future research directions are presented, including dynamic integration of
different deception techniques, quantified deception effects and deception
operation cost, hardware-supported deception techniques, as well as techniques
developed based on better understanding of the human element.
Comment: 19 page