Design requirements for generating deceptive content to protect document repositories

For nearly 30 years, fake digital documents have been used to identify external intruders and malicious insider threats. Unfortunately, while fake files hold potential to assist in data theft detection, there is little evidence of their application outside of niche organisations and academic institutions. The barrier to wider adoption appears to be the difficulty in constructing deceptive content. The current generation of solutions principally: (1) use unrealistic random data; (2) output heavily formatted or specialised content, that is difficult to apply to other environments; (3) require users to manually build the content, which is not scalable, or (4) employ an existing production file, which creates a protection paradox. This paper introduces a set of requirements for generating automated fake file content: (1) enticing, (2) realistic, (3) minimise disruption, (4) adaptive, (5) scalable protective coverage, (6) minimise sensitive artefacts and copyright infringement, and (7) contain no distinguishable characteristics. These requirements have been drawn from literature on natural science, magical performances, human deceit, military operations, intrusion detection and previous fake file solutions. These requirements guide the design of an automated fake file content construction system, providing an opportunity for the next generation of solutions to find greater commercial application and widespread adoption

Towards a set of metrics to guide the generation of fake computer file systems

Fake file systems are used in the field of cyber deception to bait intruders and fool forensic investigators. File system researchers also frequently generate their own synthetic document repositories, due to data privacy and copyright concerns associated with experimenting on real-world corpora. For both these fields, realism is critical. Unfortunately, after creating a set of files and folders, there are no current testing standards that can be applied to validate their authenticity, or conversely, reliably automate their detection. This paper reviews the previous 30 years of file system surveys on real world corpora, to identify a set of discrete measures for generating synthetic file systems. Statistical distributions, such as size, age and lifetime of files, common file types, compression and duplication ratios, directory distribution and depth (and its relationship with numbers of files and sub-directories) were identified and the respective merits discussed. Additionally, this paper highlights notable absences in these surveys, which could be beneficial, such as analysing, on mass, the text content distribution, file naming habits, and comparing file access times against traditional working hours

Exterminating the Cyber Flea: Irregular Warfare Lessons for Cyber Defence

Traditional approaches to tactical Computer Network Defence (CND), drawn from the lessons and doctrine of conventional warfare, are based on a team of deployed security professionals countering the adversary’s cyber forces. The concept of the adversary in cyberspace does not fit neatly into the conventional military paradigms. Rather than fighting an identifiable foe, cyber adversaries are clandestine, indistinguishable from legitimate users or external services, operate across state boundaries, and from safe havens that provide sanctuary from prosecution. The defender also faces imbalances with rules of engagement and a severe disparity between the cost of delivering the defence and the attackers ability to deliver an effect. These operational conditions are more akin with Irregular Warfare (IW) than a conventional conflict. This paper proposes a new approach to CND, based on a review of the literature on IW. Rather than fight the battle alone, the CND team should concentrate efforts to persuade and empower network users to take responsibility for protecting the organisation’s critical data. This approach seeks to apply the lessons learnt from IW, where the resistance to the adoption of security best practices, intentional or otherwise, is the real adversary. This approach appears more likely to deliver long term protection from the current cyber threats than a process, which requires the identification and tracking of adversaries that are invisible and constantly changing

The unbearable anxiety of being: ideological fantasies of British Muslims beyond the politics of security

Since the advent of the 'War on Terror' British Muslims have been designated as a source of anxiety by politicians, journalists and publics alike. Fears that began over terrorism have extended to the opening of Islamic faith schools, the meaning of clothing and halal slaughter. Critical scholarship that engages with these developments in the fields of politics and international relations tends to view them through paradigms of (in)security. Whilst these contributions have been helpful in understanding the construction of a Muslim 'problem', this article demonstrates how the array of issues incorporated by this problem exceeds the politics of security. The article develops an original conceptual and analytic framework, drawing upon Slavoj Žižek's Lacanian theory of ideology, to argue that political and media ‘scandals’ about what an imagined 'Muslim community' gets up to are best understood as ideological fantasies. Through analysis of three case studies, we show that these fantasies are mobilised to suture traumatic gaps and conceal contradictions in wider social practices around sexual abuse, education, and food production. We show how the unremitting focus on myriad aspects of British Muslims’ imagined lives is symptomatic of what Žižek calls an ‘unbearable anxiety’. Islamophobic ideological fantasies summon a ‘conceptual Muslim’ figure as a means of preventing confrontation with the Lacanian ‘Real’: antagonistic and anxiety-inducing structures and practices underpinning British society, of which we do not speak

Thinking the ‘Culture Wars’ and the Present Political Crisis With the Young Marx (and Friends)

We stand at a key juncture: a Western political crisis arose in 2016-17 to match the deep eco-nomic crisis of the preceding decade. Events and new social movements of recent years seem to hail the collapse of the project of liberal democracy, though it is hard to see what will replace it. Among the conceptual and analytic tools bequeathed by Marx are those necessary to better understand and anticipate the direction of this key historical moment – from Donald Trump, Brexit and the so-called ‘culture wars’ to the horizon of liberal democracy itself. In this reflection, I suggest some ways in which Marx’s early thoughts on the liberal state and civil society can and should help us to better understand and explain our present predicament. To say that the Young Marx can help us today with what he called ‘the ruthless critique of everything existing’ is not to say that he can do so alone. It is precisely the issues overlooked or ‘fudged’ by Marx and Marxism – gender, sexuality, and race / racism for example – that now sit at the centre of our ‘culture wars’, alongside but never reducible to the contradictions and crises of capitalism. I conclude that it is only with the help of other writers of the 20th and 21st centuries, from Antonio Gramsci to Frantz Fanon and bell hooks, that we can usefully mobilise the Young Marx today, to critique the world as we find it and especially – the very ‘point’ of theory according to Marx – to change it