Abstract
The U.S. President’s Comprehensive National Cybersecurity Initiative calls for the deployment of sensors to help protect federal enterprise networks. Because of the reported cyber intrusions into America’s electric power grid and other utilities, there is the possibility that sensors could also be positioned in key privately-owned infrastructure assets and the associated cyberspace. Sensors provide situational awareness of adversary operations, but acting directly on the collected information can reveal key sensor attributes such as modality, location, range, sensitivity and credibility. The challenge is to preserve the secrecy of sensors and their attributes while providing defenders with the freedom to respond to the adversary’s operations.
This paper presents a framework for using deception to shield cyberspace sensors. The purpose of deception is to degrade the accuracy of the adversary’s beliefs regarding the sensors, give the adversary a false sense of completeness, and/or cause the adversary to question the available information. The paper describes several sensor shielding tactics, plays and enabling methods, along with the potential pitfalls. Well-executed and nuanced deception with regard to the deployment and use of sensors can help a defender gain tactical and strategic superiority in cyberspace.
Chapter PDF
Similar content being viewed by others
References
J. Bamford, The Shadow Factory, Doubleday, New York, 2008.
J. Bell and B. Whaley, Cheating and Deception, Transaction Publishers, New Brunswick, New Jersey, 1991.
B. Berkowitz and A. Goodman, Strategic Intelligence for American National Security, Princeton University Press, Princeton, New Jersey, 1989.
G. Bush, Executive Order 13292 – Further Amendment to Executive Order 12958, as Amended, Classified National Security Information, The White House, Washington, DC (www.archives.gov/isoo/policy-documents/eo-12958-amendment.pdf), 2003.
J. Dunnigan and A. Nofi, Victory and Deceit, Writers Club Press, San Jose, California, 2001.
C. Fowler and R. Nesbit, Tactical deception in air-land warfare, Journal of Electronic Defense, vol. 18(6), pp. 37–79, 1995.
S. Gerwehr and R. Glenn, Unweaving the Web – Deception and Adaptation in Future Urban Operations, RAND, Santa Monica, California, 2002.
W. Laqueur, The Uses and Limits of Intelligence, Transaction Publishers, New Brunswick, New Jersey, 1993.
D. Patranabis, Sensors and Transducers, Prentice-Hall of India, New Delhi, India, 2004.
E. Poteat, The use and abuse of intelligence: An intelligence provider’s perspective, Diplomacy and Statecraft, vol. 11(2), pp. 1–16, 2000.
J. Richelson, The US Intelligence Community, Westview Press, Boulder, Colorado, 1999.
J. Risen and D. Rohde, A hostile land foils the quest for bin Laden, New York Times, December 13, 2004.
N. Rowe and H. Rothstein, Two taxonomies of deception for attacks on information systems, Journal of Information Warfare, vol. 3(2), pp.27–39, 2004.
D. Sanger, Rice to discuss antiproliferation program, New York Times, May 31, 2005.
United States Department of Defense, Military Deception, Joint Publication 3-13.4, Washington, DC, 2006.
J. Yuill, D. Denning and F. Feer, Using deception to hide things from hackers: Processes, principles, and techniques, Journal of Information Warfare, vol. 5(3), pp. 26–40, 2006.
J. Yuill, F. Feer and D. Denning, Designing deception operations for computer network defense, Proceedings of the DoD Cyber Crime Conference (www.jimyuill.com/research-papers/DoD-Cyber-Crime-deception-process.pdf), 2005.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 IFIP International Federation for Information Processing
About this paper
Cite this paper
Rice, M., Guernsey, D., Shenoi, S. (2011). Using Deception to Shield Cyberspace Sensors. In: Butts, J., Shenoi, S. (eds) Critical Infrastructure Protection V. ICCIP 2011. IFIP Advances in Information and Communication Technology, vol 367. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24864-1_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-24864-1_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24863-4
Online ISBN: 978-3-642-24864-1
eBook Packages: Computer ScienceComputer Science (R0)