Deception: A Tool and Curse for Security Management

  • M. Warren
  • W. Hutchinson
Conference paper
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 65)

Abstract

With the proliferation of electronic information systems over the last two decades, the integrity of the stored data and its uses have become an essential component of effective organisational functioning. This digitised format, used in input, output, processing, storage, and communication, has given those wishing to deceive new opportunities. This paper examines the nature of deception, and its potential as a new security risk in the information age.

Key words

Deception Information Security Security Management 

References

  1. Barry, A.M.S. (1997). Visual Intelligence, State University of New York Press.Google Scholar
  2. Boisot, M.H. (1998) Knowledge Assets. Oxford University Press, Oxford.Google Scholar
  3. Bowyer, J.B. (1982). Cheating, St. Martin’s Press, New York.Google Scholar
  4. Brugioni, D.A. (1999) Photo Fakery: The History and Techniques of Photographic Deception and Manipulation, Brasseys Inc., Dulles, Virginia.Google Scholar
  5. Cohen, F (2000). Deception Tool-kit, URL: http://all.net/dtk/dtk.html
  6. Deitel H, Deitel P and Nieto T (2001) e-Business and & e-Commerce: How to Program, Prentic Hall, New Jersey.Google Scholar
  7. Gerwehr, S., Glenn, R.S. (2000) The Art of Darkness: Deception and Urban Operations, Rand, Santa Monica.Google Scholar
  8. Hutchinson, W.E., Warren, M.J. (2000a) The use of Deception in Systems, Proceedings of International Conference on Systems Thinking in Management, eds. G. Altmann, J. Lamp, P. Love, P. Mandal, R. Smith, M. Warren. 8–10 Nov, 2000, Deakin University, Geelong. pp.263–268.Google Scholar
  9. Hutchinson, W and Warren, M.J. (2000b) Deception and the Information Security function, Proceedings of INC 2000 Second International Network Conference, 3–6 July 2000, Plymouth, UK. pp.273–280.Google Scholar
  10. Hutchinson, W., Warren, M. (1999). The attitude and practice of Australian Information Technology managers toward Cyber-Vigilantism, InfoWarCon99, Washington, USA, September, 1999.Google Scholar
  11. Felten, E, Balfanz D, Dean D and Wallach, D (1997). Web Spoofing: An Internet Con Game, Technical Report 540-97, Princeton University and also presented at 20th National Information Systems Security Conference, Baltimore. USA, October, 1999.Google Scholar
  12. Network Associates (2000) Cybercop Sting. URL: http://www.nai.com/asp_set/products/tns/ccsting_intro
  13. Rapaport, R. (I 997). PR finds a new cool tool, Forbes, Oct 6, 1997, p. 101–108.Google Scholar
  14. Roberts, P., Webber, J. (1999). Visual Truth in the Digital Age: Towards a protocol for Image Ethics, Australian Computer Journal, 31:3; 78–82.Google Scholar
  15. Spitzner, L. (2000a) To Build a Honeypot. URL: http://project.honeynet.org/papers/honeypot/
  16. Spitzner, L. (2000b). Know Your Enemy: A Forensic Analysis, URL: http://www.securityfocus.com/ih/articles/foranalysis.html
  17. Spitzner, L (2000c) To Build a Honeynet, FIRST (Forum of Incident Response & Security Teams) Conference 2000, Chicago, USA.Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2001

Authors and Affiliations

  • M. Warren
    • 1
  • W. Hutchinson
    • 2
  1. 1.Dept of Computing & MathematicsDeakin UniversityGeelongAustralia
  2. 2.School of Management Information SystemEdith Cowan University Churchlands Western AustraliaAustralia

Personalised recommendations