Software Deception Steering through Version Emulation

dc.contributor.author Araujo, Frederico
dc.contributor.author Sengupta, Sailik
dc.contributor.author Jang, Jiyong
dc.contributor.author Doupé, Adam
dc.contributor.author Hamlen, Kevin
dc.contributor.author Kambhampati, Subbarao
dc.date.accessioned 2020-12-24T19:23:48Z
dc.date.available 2020-12-24T19:23:48Z
dc.date.issued 2021-01-05
dc.description.abstract Determined cyber adversaries often strategize their attacks by carefully selecting high-value target machines that host insecure (e.g., unpatched) legacy software. In this paper, we propose a moving-target approach to thwart and countersurveil such adversaries, wherein live (non-decoy) enterprise software services are automatically modified to deceptively emulate vulnerable legacy versions that entice attackers. A game-theoretic framework chooses which emulated software stacks, versions, configurations, and vulnerabilities yield the best defensive payoffs and most useful threat data given a specific attack model. The results show that effective movement strategies can be computed to account for pragmatic aspects of deception, such as the utility of various intelligence-gathering actions, impact of vulnerabilities, performance costs of patch deployment, complexity of exploits, and attacker profile.
dc.format.extent 10 pages
dc.identifier.doi 10.24251/HICSS.2021.243
dc.identifier.isbn 978-0-9981331-4-0
dc.identifier.uri http://hdl.handle.net/10125/70856
dc.language.iso English
dc.relation.ispartof Proceedings of the 54th Hawaii International Conference on System Sciences
dc.rights Attribution-NonCommercial-NoDerivatives 4.0 International
dc.rights.uri https://creativecommons.org/licenses/by-nc-nd/4.0/
dc.subject Cyber Deception and Cyber Psychology for Defense
dc.subject agility
dc.subject cyberdeception
dc.subject game theory
dc.subject security engineering
dc.subject software security
dc.title Software Deception Steering through Version Emulation
prism.startingpage 1988
Files
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
0196.pdf
Size:
770.71 KB
Format:
Adobe Portable Document Format
Description: