Abstract
With so many possible ways to deceive, we can be more effective if we plan systematically. Several methods can be used to plan deceptions ranging from informal to formal. Planning can be either strategic, broad in scope (Heckman et al. 2015), or tactical, focused in scope. We will focus on the latter here.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alexander J, Smith J (2011) Disinformation: a taxonomy. IEEE Secur Priv 9(1):58–63
Al-Mamory S, Zhang H, Abbas A (2008) Modeling network attacks for scenario construction. In: Proceedings of the international joint conference on neural networks, Hong Kong, China, 1–8 June, 2008. pp 1495–1502
Axelrod R (1979) The rational timing of surprise. World Politics 31(2):228–246
Bell J, Whaley B (1991) Cheating. Transaction, New York
Carbonell J (1981) Counterplanning: a strategy-based model of adversary planning in real-world situations. Artif Intell 16:295–329
Chen PY, Shih IJ, Lin F (2013) Maximization of muti-round network survivability under considerations of the defenders’ defensive messaging strategies. In: Proceedings of the international conference on mobile wireless middleware, operating systems, and applications, Bologna, Italy, 11–12 Nov, 2013. pp 148–155
Chinchani R, Muthukrishna A, Chandrasekaran M, Upadhyay S (2004) RACOON: rapidly generating user command data for anomaly detection from customizable templates. In: Proceedings of the twentieth annual computer security applications conference, Tucson, AZ, 6–10 Dec, 2004. pp 189–202
Chou HM, Zhou L (2012) A game theory approach to deception strategy in computer mediated communication. In: Proceedings of the conference on intelligence and security informatics, Washington DC, 11–14 June, 2012. pp 7–11
Christian D, Young R (2004) Strategic deception in agents. In: Proc. 3rd Intl. joint conference on autonomous agents and multiagent systems, New York, NY. pp 218–226
Chu M, Ingols K, Lippmann R, Webster S, Boyer S (2010) Visualizing attack graphs, reachability, and trust relationships with NAVIGATOR. In: Proceedings of the 7th international symposium on visualization for cyber security, Ottawa, ON, Canada, 14 Sept 2010. pp 22–33
Cohen F (1999) A mathematical structure of simple defensive network deceptions. all.net/journal/deception/mathdeception/mathdeception.html. Accessed 15 Jan, 2016
Cohen F, Koike D (2003) Leading attackers through attack graphs with deceptions. Comput Security 22(5):402–411
Dalvi N, Domingos P, Mausam, Sanghai S, Verma D (2004) Adversarial classification. In: Proceedings of the 10th ACM SIGMOD international conference on knowledge discovery and data mining, Seattle, WA, 22–25 Aug 2004
David F, David A, Hansen R, Larsen K, Legay A, Olesen M, Probst C (2015) Modeling social-technical attacks with timed automata. In: Proceedings of the international workshop on managing insider security threats, Denver CO, 16 Oct, 2015. pp 21–28
De Rosis F, Castelfranchi C, Carofiglio V, Grassano R (2003) Can computers deliberately deceive? A simulation tool and its application to Turing’s imitation game. Comput Intell 19(3):235–263
Dunnigan J, Nofi A (2001) Victory and deceit, second edition: deception and trickery in war. Writers Club, San Jose, CA
Durkota K, Lisy V, Kiekintveld C, Bosansky B (2015) Game-theoretic algorithms for optimal network security hardening using attack graphs. In: Proceedings of the 14th international conference on autonomous agents and multiagent systems, Istanbul, Turkey, 4–8 May, 2015. pp 1773–1774
Fayyad S, Meinel C (2013) New attack scenario prediction methodology. In: Proceedings of the 10th international conference on information technology: New generations, Las Vegas, NV, 15–17 Apr, 2013. pp 53–59
Garg N, Grosu D (2007) Deception in honeynets: A game-theoretic analysis. In: Proceedings of the 2007 IEEE workshop on information assurance, West Point, NY, 20–22 June 2007
Greenberg I (1982) The role of deception in decision theory. J Confl Resolut 26(1):139–156
Heckman K, Stech F, Thomas R, Schmoker B, Tsow A (2015) Cyber denial, deception, and counter deception: a framework for supporting active cyber defense. Springer, New York
Julisch K (2003) Clustering intrusion detection alarms to support root cause analysis. ACM Trans Inform Syst Security 6(4):443–471
Khasnabish B (1989) A bound of deception capability in multiuser computer networks. IEEE J Select Area Commun 7(4):590–594
Liu P, Zang W, Yu M (2005) Incentive-based modeling and inference of attacker intent, objectives, and strategies. ACM Trans Inform Syst Security 8(1):78–118
McCarty B (2003) The honeynet arms race. IEEE Secur Priv 1(6):79–82
McClure S, Scambray J, Kurtz G (2012) Hacking exposed 7: network security secrets and solutions, 7th edn. McGraw-Hill Education, New York
Nelms H (1969) Magic and showmanship: a handbook for conjurers. Dover, Mineola, NY
Nicol D, Mallapura V (2014) Modeling and analysis of stepping stone attacks. In: Proceedings of the winter simulation conference, Savannah, GA, 6–10 Dec, 2014. pp 3046–3057
Osborne M (2003) An introduction to game theory. Oxford University Press, Oxford, UK
Rowe N (2007) Planning cost-effective deceptive resource denial in defense to cyber-attacks. In: Proceedings of the 2nd international conference on information warfare, Monterey, CA, 8–9 Mar. pp 177–184
Roy A, Kim D, Trivedi K (2012) Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees. Secur Commun Networks 5(8):929–943
Santhanam G, Oster Z, Basu S (2013) Identifying a preferred countermeasure strategy for attack graphs. In: Proceedings of the 8th annual cyber security and information intelligence research workshop, Oak Ridge, TN, US, January, paper 11
Steffan J, Schumacher M (2002) Collaborative attack modeling. In: Proceedings of the symposium on applied computing, Madrid, Spain, 10–14 Mar. pp 253–259
Sztompka P (1999) Trust. Cambridge University Press, London, UK
Virvilis N, Vanautgaerden B, Serrano R (2014) Changing the game: the art of deceiving sophisticated attackers. In: Proceedings of 6th international conference on cyber conflict. pp 87–97
Wang W, Bickford J, Murynets I, Subbaraman R, Forte A, Singaraju G (2012) Catching the wily hacker: A multilayer deception system. In: Proceedings of the 35th IEEE Sarnoff symposium, 21–22 May, 2012. pp 1–2
Yang L, Wang XM (2008) Study on the network active defense technology based on deception. Journal of the National University of Defense Technology (China), June: pp 65–69
Yang X, Shunhong S, Yuliang L (2010) Vulnerability ranking based on exploitation and defense graph. In: Proceedings of the international conference on information, networking, and automation, Kumming, China, 18–19 Oct, 2010. pp V1-163–V1-167
Zhao L, Mannan M (2013) Explicit authentication response considered harmful. In: Proceedings of the new security paradigms workshop, Banff, AB, Canada, 8–12 Sept, 2013. pp 77–85
Zhou Y, Kantacioglu M, Thuraisingham B (2012) Adversarial support vector machine learning. In: Proceedings of the conference on knowledge discovery and data mining, Beijing, China, 12–16 Aug, 2012. pp 1059–1067
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Rowe, N.C., Rrushi, J. (2016). Planning Cyberspace Deception. In: Introduction to Cyberdeception. Springer, Cham. https://doi.org/10.1007/978-3-319-41187-3_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-41187-3_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-41185-9
Online ISBN: 978-3-319-41187-3
eBook Packages: Computer ScienceComputer Science (R0)