Software Deception Steering through Version Emulation
Software Deception Steering through Version Emulation
dc.contributor.author | Araujo, Frederico | |
dc.contributor.author | Sengupta, Sailik | |
dc.contributor.author | Jang, Jiyong | |
dc.contributor.author | Doupé, Adam | |
dc.contributor.author | Hamlen, Kevin | |
dc.contributor.author | Kambhampati, Subbarao | |
dc.date.accessioned | 2020-12-24T19:23:48Z | |
dc.date.available | 2020-12-24T19:23:48Z | |
dc.date.issued | 2021-01-05 | |
dc.description.abstract | Determined cyber adversaries often strategize their attacks by carefully selecting high-value target machines that host insecure (e.g., unpatched) legacy software. In this paper, we propose a moving-target approach to thwart and countersurveil such adversaries, wherein live (non-decoy) enterprise software services are automatically modified to deceptively emulate vulnerable legacy versions that entice attackers. A game-theoretic framework chooses which emulated software stacks, versions, configurations, and vulnerabilities yield the best defensive payoffs and most useful threat data given a specific attack model. The results show that effective movement strategies can be computed to account for pragmatic aspects of deception, such as the utility of various intelligence-gathering actions, impact of vulnerabilities, performance costs of patch deployment, complexity of exploits, and attacker profile. | |
dc.format.extent | 10 pages | |
dc.identifier.doi | 10.24251/HICSS.2021.243 | |
dc.identifier.isbn | 978-0-9981331-4-0 | |
dc.identifier.uri | http://hdl.handle.net/10125/70856 | |
dc.language.iso | English | |
dc.relation.ispartof | Proceedings of the 54th Hawaii International Conference on System Sciences | |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
dc.subject | Cyber Deception and Cyber Psychology for Defense | |
dc.subject | agility | |
dc.subject | cyberdeception | |
dc.subject | game theory | |
dc.subject | security engineering | |
dc.subject | software security | |
dc.title | Software Deception Steering through Version Emulation | |
prism.startingpage | 1988 |
Files
Original bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- 0196.pdf
- Size:
- 770.71 KB
- Format:
- Adobe Portable Document Format
- Description: