Abstract
The increasingly sophisticated nature of cyberattacks reduces the effectiveness of expert human intervention due to their slow response times. Consequently, interest in automated agents that can make intelligent decisions and plan countermeasures is rapidly growing. In this chapter, we discuss intelligent cyber deception systems. Such systems can dynamically plan the deception strategy and use several actuators to effectively implement the cyber deception measures. We also present a prototype of a framework designed to simplify the development of cyber deception tools to be integrated with such intelligent agents.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Change history
01 February 2020
This book was inadvertently published as an authored work with the chapter authors mentioned in the footnotes of the chapter opening pages. This has now been updated and the chapter authors have been mentioned in the respective chapter opening pages as mentioned below:
References
Artillery. https://github.com/shoreditch-ops/artillery.
Docker platform. https://www.docker.com/.
Python Global Interpreter Lock. https://wiki.python.org/moin/GlobalInterpreterLock.
E. Al-Shaer. Toward Network Configuration Randomization for Moving Target Defense, pages 153–159. 2011.
K. G. Anagnostakis, S. Sidiroglou, P. Akritidis, K. Xinidis, E. Markatos, and A. D. Keromytis. Detecting targeted attacks using shadow honeypots. In Proceedings of the 14th Conference on USENIX Security Symposium - Volume 14, SSYM’05, pages 9–9, 2005.
F. Araujo, K. W. Hamlen, S. Biedermann, and S. Katzenbeisser. From patches to honey-patches: Lightweight attacker misdirection, deception, and disinformation. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS ’14, pages 942–953, 2014.
B. M. Bowen, S. Hershkop, A. D. Keromytis, and S. J. Stolfo. Baiting inside attackers using decoy documents. In Security and Privacy in Communication Networks, pages 51–70.
M. L. Bringer, C. A. Chelmecki, and H. Fujinoki. A survey: Recent advances and future trends in honeypot research. In International Journal of Computer Network and Information Security, IJCNIS, 2012.
F. De Gaspari, S. Jajodia, L. V. Mancini, and A. Panico. Ahead: A new architecture for active defense. In Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense, SafeConfig ’16, 2016.
J. C. Giarratano and G. Riley. Expert Systems: Principles and Programming. Brooks/Cole Publishing Co., Pacific Grove, CA, USA, 1989.
I. J. Goodfellow, J. Shlens, and C. Szegedy. Explaining and Harnessing Adversarial Examples. ArXiv e-prints, 2014.
M. H. Hassoun. Fundamentals of Artificial Neural Networks. MIT Press, Cambridge, MA, USA, 1st edition, 1995.
B. Hitaj, P. Gasti, G. Ateniese, and F. Perez-Cruz. PassGAN: A Deep Learning Approach for Password Guessing. ArXiv, 2017.
R. Hund, C. Willems, and T. Holz. Practical timing side channel attacks against kernel space ASLR. In 2013 IEEE Symposium on Security and Privacy, 2013.
S. Jajodia, K. A. Ghosh, V. Subrahmanian, V. Swarup, C. Wang, and S. X. Wang, editors. Moving Target Defense II: Application of Game Theory and Adversarial Modeling. Springer, 2013.
S. Jajodia, K. A. Ghosh, V. Swarup, C. Wang, and S. X. Wang, editors. Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Springer, 2011.
A. Kott, L. V. Mancini, P. Théron, M. Drašar, E. Dushku, H. Günther, M. Kont, B. LeBlanc, A. Panico, M. Pihelgas, and K. Rzadca. Initial Reference Architecture of an Intelligent Autonomous Agent for Cyber Defense. ArXiv e-prints, 2018.
Y. LeCun, Y. Bengio, and G. Hinton. Deep learning. Nature, 521:436 EP –, May 2015.
N. Papernot, P. McDaniel, S. Jha, M. Fredrikson, Z. B. Celik, and A. Swami. The limitations of deep learning in adversarial settings. In 2016 IEEE European Symposium on Security and Privacy (EuroS P), 2016.
N. Provos. A virtual honeypot framework. In Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13, SSYM’04, 2004.
N. Provos and T. Holz. Detecting Honeypots, chapter in book: Virtual Honeypots: From Botnet Tracking to Intrusion Detection. Addison-Wesley Professional, 2007.
J. Saxe and K. Berlin. Deep neural network based malware detection using two dimensional binary program features. In 2015 10th International Conference on Malicious and Unwanted Software (MALWARE), 2015.
S. Seufert and D. O’Brien. Machine learning for automatic defence against distributed denial of service attacks. In 2007 IEEE International Conference on Communications, 2007.
D. Silver, A. Huang, C. J. Maddison, A. Guez, L. Sifre, G. van den Driessche, J. Schrittwieser, I. Antonoglou, V. Panneershelvam, M. Lanctot, S. Dieleman, D. Grewe, J. Nham, N. Kalchbrenner, I. Sutskever, T. Lillicrap, K. Leach, Madeleineand Kavukcuoglu, T. Graepel, and D. Hassabis. Mastering the game of Go with deep neural networks and tree search. Nature, 529:484 EP –, Jan 2016. Article.
J. Yuill, M. Zappe, D. Denning, and F. Feer. Honeyfiles: deceptive files for intrusion detection. In Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004., pages 116–122.
L. Zhao and M. Mannan. Explicit authentication response considered harmful. In Proceedings of the 2013 New Security Paradigms Workshop, NSPW ’13, 2013.
Acknowledgements
This work was partially funded by the Army Research Office under the grants W911NF-13-1-0421 and W911NF-15-1-0576, and by the Office of Naval Research under the grant N00014-15-1-2007.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
De Gaspari, F., Jajodia, S., Mancini, L.V., Pagnotta, G. (2019). Towards Intelligent Cyber Deception Systems. In: Al-Shaer, E., Wei, J., Hamlen, K., Wang, C. (eds) Autonomous Cyber Deception. Springer, Cham. https://doi.org/10.1007/978-3-030-02110-8_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-02110-8_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02109-2
Online ISBN: 978-3-030-02110-8
eBook Packages: Computer ScienceComputer Science (R0)