Deceptive Self-Attack for Cyber-Defense Chandler, Jared Wick, Adam 2022-12-27T18:55:39Z 2022-12-27T18:55:39Z 2023-01-03
dc.description.abstract The asymmetry between cyber-defense and cyber-offense is well-known; defenders must perfectly protect their systems, while attackers need only find one flaw. Defensive cyber-deception has been proposed as a way to mitigate this problem, by using various techniques designed to require attackers to defend themselves from misdirection, false data, and counter-attack. In this paper, we propose a new cyber-deception technique: deceptive self-attack (DSA). DSA modifies network and systems to give the appearance that an unknown third party is also at work attacking the same systems. It is our contention that the presence of this (deceptive) adversary pressures real adversaries in novel ways useful to cyber-defense; and discuss these effects. As a study in DSA, we present and evaluate SoundTheAlarm, a SMT-solver based system for generating deceptive self-attack network traffic. SoundTheAlarm uses public attack signatures from the Suricata intrusion detection system to automatically generate network traffic consistent with a particular cyber-attack signature.
dc.format.extent 10
dc.identifier.doi 10.24251/HICSS.2023.108
dc.identifier.isbn 978-0-9981331-6-4
dc.language.iso eng
dc.relation.ispartof Proceedings of the 56th Hawaii International Conference on System Sciences
dc.rights Attribution-NonCommercial-NoDerivatives 4.0 International
dc.subject Cyber Deception and Cyberpsychology for Defense
dc.subject cyber-deception technique attack traffic synthesis
dc.title Deceptive Self-Attack for Cyber-Defense
dc.type.dcmi text
prism.startingpage 866
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
785.84 KB
Adobe Portable Document Format