© 2019

Autonomous Cyber Deception

Reasoning, Adaptive Planning, and Evaluation of HoneyThings

  • Ehab Al-Shaer
  • Jinpeng Wei
  • Kevin W. Hamlen
  • Cliff Wang

Table of contents

  1. Front Matter
    Pages i-xii
  2. Cyber Deception Reasoning Frameworks

    1. Front Matter
      Pages 1-1
    2. Nazmiye Ceren Abay, Cuneyt Gurcan Akcora, Yan Zhou, Murat Kantarcioglu, Bhavani Thuraisingham
      Pages 3-19
    3. Fabio De Gaspari, Sushil Jajodia, Luigi V. Mancini, Giulio Pagnotta
      Pages 21-33
    4. Neil C. Rowe
      Pages 35-45
  3. Dynamic Decision-Making for Cyber Deception

    1. Front Matter
      Pages 47-47
    2. Jin-Hee Cho, Mu Zhu, Munindar Singh
      Pages 49-74
  4. Network-Based Deception

    1. Front Matter
      Pages 99-99
    2. Gahng-Seop Ahn, Kyung Joon Kwak, Alexey Bogaevskiy, Jason Li, Gregory Briskin, Robert Vaeth
      Pages 125-146
    3. Frederico Araujo, Gbadebo Ayoade, Kevin W. Hamlen, Latifur Khan
      Pages 147-165
    4. Reham Mohamed, Terrence O’Connor, Markus Miettinen, William Enck, Ahmad-Reza Sadeghi
      Pages 167-181
  5. Malware Deception

    1. Front Matter
      Pages 183-183
    2. Mohammed Noraden Alsaleh, Jinpeng Wei, Ehab Al-Shaer, Mohiuddin Ahmed
      Pages 185-207
    3. Zhaoyan Xu, Jialong Zhang, Zhiqiang Lin, Guofei Gu
      Pages 209-235
  6. Ehab Al-Shaer, Jinpeng Wei, Kevin W. Hamlen, Cliff Wang
    Pages C1-C2

About this book


This textbook surveys the knowledge base in automated and resilient cyber deception. It features four major parts: cyber deception reasoning frameworks, dynamic decision-making for cyber deception, network-based deception, and malware deception.

 An important distinguishing characteristic of this book is its inclusion of student exercises at the end of each chapter. Exercises include technical problems, short-answer discussion questions, or hands-on lab exercises, organized at a range of difficulties from easy to advanced,.

 This is a useful textbook for a wide range of classes and degree levels within the security arena and other related topics. It’s also suitable for researchers and practitioners with a variety of cyber security backgrounds from novice to experienced.


cyber deception deception metrics deep learning adversarial cyber deception differential privacy deception games deception parameters deception theory deceptive web service decoy deployment dynamic bayesian games dynamic planning honeypots honey resources hypergame theory intelligent agents Internet of Things malware analysis network obfuscation software defined networking

Editors and affiliations

  1. 1.Department of Software & Information SystemUniversity of North Carolina CharlotteCharlotteUSA
  2. 2.Department of Software and Information SystemUniversity of North CarolinaCharlotteUSA
  3. 3.Computer Science DepartmentUniversity of Texas at DallasRichardsonUSA
  4. 4.Computing and Information Science DivisionArmy Research OfficeDurhamUSA

About the editors

Ehab Al-Shaer is a Professor and the Director of the Cyber Defense and Network Assurability (CyberDNA) Center in the School of Computing and Informatics at University of North Carolina Charlotte. His primary research areas are network security, security management, fault diagnosis, and network assurability. Prof. Al-Shaer edited/co-edited more than 10 books and book chapters, and published about 100 refereed journals and conferences papers in his area. Prof. Al-Shaer is the General Chair of ACM Computer and Communication 2009-2010 and NSF Workshop in Assurable and Usable Security Configuration, August 2008. Prof. Al-Shaer also served as a Workshop Chair and Program Co-chair for number of well-established conferences/workshops in his area including POLICY 2008, IM 2007, ANM-INFOCOM 2008, CCS-SafeConfig 09, MMNS 2001, and E2EMON 04-05. He also served as a member in the technical program and organization committees for many IEEE and ACM conferences. He was awarded many Best Paper Awards. Prof. Al-Shaer received his MSc and Ph.D. in Computer Science from the Northeastern University (Boston, MA) and Old Dominion University (Norfolk, VA) in 1998 and 1994 respectively.

 Dr. Jinpeng Wei leads the Systems Security Lab in the Department of Software and Information Systems at UNC Charlotte. His research focuses on theory, methods, and tools that enhance the security of systems software for a wide range of applications. His research topics include systems software vulnerability detection and mitigation, runtime verification of systems software security properties, stealthy malware detection, analysis and defense, secure software architecture, cloud computing security, and security problems in emerging application domains such as Internet of Things. His work has been published in premier venues such as ACSAC, ESORICS, Computers & Security, USENIX FAST, and USENIX ATC. He is the winner of three best paper awards and the AFRL Visiting Faculty Research Program (VFRP) award. His research has been funded by Air Force Research Lab, Department of Homeland Security, Department of Defense, Centre for Strategic Infocomm Technologies (CSIT), Singapore, and Electronics and Telecommunications Research Institute (ETRI). He has been a program committee member for more than 20 conferences (such as SecureComm 2014, IEEE CLOUD 2015, and ICDCS 2011), the Workshop Co-Chair of CollaborateCom 2014, and a reviewer for reputable journals such as ACM Computing Surveys, ACM Transactions on Computer Systems, Elsevier Journal of Computers and Security, and IEEE Transactions on Dependable and Secure Computing. Dr. Wei received a PhD in Computer Science from Georgia Institute of Technology, and prior to his appointment at UNC Charlotte he was a faculty member in the School of Computing and Information Sciences, Florida International University.

Kevin Hamlen is currently an Associate Professor in the Computer Science Department at the University of Texas at Dallas, and a Senior Technical Advisor of UTD's Cyber Security Research and Education Institute. His research focus concerns the field of language-based security, which leverages techniques from programming language theory and compilers to enforce software security. Topics of interest include in-lined reference monitors, type-safe intermediate languages, software abstract interpretation and model-checking, proof-carrying code, and certifying compilers. He also has ongoing projects related to malware defense and cloud computing security. His research is currently supported by grants from the U.S. Air Force Office of Scientific Research (AFOSR), the National Science Foundation (NSF), the Office of Naval Research (ONR), and Raytheon Company. See my CV for additional details. He received his Master's and Ph.D. degrees from Cornell University, where his doctoral research was part of the Language-Based Security For Malicious Mobile Code initiative. 

Cliff Wang from the US Army Research Office, Durham, NC, was named Fellow of the Institute of Electrical and Electronics Engineers (IEEE) in 2016 for leadership in trusted computing and communication systems. His focus in the US Army Research Office is in the Information and Software Assurance division, which addresses the research and development of highly assured, self-healing and survivable software and information systems that address the processing and delivery of authentic, accurate, secure, reliable, and timely information, regardless of threat conditions.

Bibliographic information

Industry Sectors
IT & Software
Finance, Business & Banking