Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/70856

Software Deception Steering through Version Emulation

File Size Format  
0196.pdf 770.71 kB Adobe PDF View/Open

Item Summary

Title:Software Deception Steering through Version Emulation
Authors:Araujo, Frederico
Sengupta, Sailik
Jang, Jiyong
Doupé, Adam
Hamlen, Kevin
show 1 moreKambhampati, Subbarao
show less
Keywords:Cyber Deception and Cyber Psychology for Defense
agility
cyberdeception
game theory
security engineering
show 1 moresoftware security
show less
Date Issued:05 Jan 2021
Abstract:Determined cyber adversaries often strategize their attacks by carefully selecting high-value target machines that host insecure (e.g., unpatched) legacy software. In this paper, we propose a moving-target approach to thwart and countersurveil such adversaries, wherein live (non-decoy) enterprise software services are automatically modified to deceptively emulate vulnerable legacy versions that entice attackers. A game-theoretic framework chooses which emulated software stacks, versions, configurations, and vulnerabilities yield the best defensive payoffs and most useful threat data given a specific attack model. The results show that effective movement strategies can be computed to account for pragmatic aspects of deception, such as the utility of various intelligence-gathering actions, impact of vulnerabilities, performance costs of patch deployment, complexity of exploits, and attacker profile.
Pages/Duration:10 pages
URI:http://hdl.handle.net/10125/70856
ISBN:978-0-9981331-4-0
DOI:10.24251/HICSS.2021.243
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
https://creativecommons.org/licenses/by-nc-nd/4.0/
Appears in Collections: Cyber Deception and Cyber Psychology for Defense


Please email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons