Software Deception Steering through Version Emulation

File: 0196.pdf
Size: 770.71 kB
Format: Adobe PDF

Item Summary

Title: Software Deception Steering through Version Emulation
Authors: Araujo, Frederico; Sengupta, Sailik; Jang, Jiyong; Doupé, Adam; Hamlen, Kevin; Kambhampati, Subbarao
Keywords: Cyber Deception and Cyber Psychology for Defense; game theory; security engineering; software security
Date Issued: 05 Jan 2021
Abstract: Determined cyber adversaries often strategize their attacks by carefully selecting high-value target machines that host insecure (e.g., unpatched) legacy software. In this paper, we propose a moving-target approach to thwart and countersurveil such adversaries, wherein live (non-decoy) enterprise software services are automatically modified to deceptively emulate vulnerable legacy versions that entice attackers. A game-theoretic framework chooses which emulated software stacks, versions, configurations, and vulnerabilities yield the best defensive payoffs and most useful threat data given a specific attack model. The results show that effective movement strategies can be computed to account for pragmatic aspects of deception, such as the utility of various intelligence-gathering actions, impact of vulnerabilities, performance costs of patch deployment, complexity of exploits, and attacker profile.
Pages/Duration: 10 pages
Rights: Attribution-NonCommercial-NoDerivatives 4.0 International
Appears in Collections: Cyber Deception and Cyber Psychology for Defense

Please email if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License.