Abstract
Honeypots on computer networks are most effective when they use deception to fool cyberadversaries into thinking that they are not actual decoy intelligence collectors. Honeypot deception can be made more effective when applied with variety. We discuss the range of deception tactics of which honeypots can take advantage. Ideas can come from deception theory, and honeypot deceptions can benefit from planning and experimentation.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Change history
01 February 2020
This book was inadvertently published as an authored work with the chapter authors mentioned in the footnotes of the chapter opening pages. This has now been updated and the chapter authors have been mentioned in the respective chapter opening pages as mentioned below:
References
P. Aggarwal, C. Gonzalez, and V. Dutt. Looking from the hacker’s perspective: Role of deceptive strategies in cyber security. In 2016 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA), pages 1–6, June 2016.
N. Al-Gharabally, N. El-Sayed, S. Al-Mulla, and I. Ahmad. Wireless honeypots: Survey and assessment. In Proceedings of the 2009 Conference on Information Science, Technology and Applications, ISTA ’09, pages 45–52, New York, NY, USA, 2009. ACM.
M. H. Almeshekah and E. H. Spafford. Planning and integrating deception into computer security defenses. In Proceedings of the 2014 New Security Paradigms Workshop, pages 127–138, New York, NY, USA, 2014. ACM.
F. Araujo, K. W. Hamlen, S. Biedermann, and S. Katzenbeisser. From patches to honey-patches: Lightweight attacker misdirection, deception, and disinformation. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS ’14, pages 942–953, New York, NY, USA, 2014. ACM.
K. Borders, L. Falk, and A. Prakash. Openfire: Using deception to reduce network attacks. In SecureComm, pages 224–233. IEEE, 2007.
F. De Gaspari, S. Jajodia, L. V. Mancini, and A. Panico. Ahead: A new architecture for active defense. In Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense, SafeConfig ’16, pages 11–16, New York, NY, USA, 2016. ACM.
J. Dunnigan and A. Nofi. Victory and Deceit, Second Edition: Deception and Trickery in War. Writers Club Press, San Jose, CA, US, 2001.
C. D. Faveri, A. Moreira, and V. Amaral. Goal-driven deception tactics design. In 2016 IEEE 27th International Symposium on Software Reliability Engineering (ISSRE), pages 264–275, Oct 2016.
C. Fowler and R. Nesbit. Tactical deception in air-land warfare. Journal of Electronic Defense, 18(6), 1995.
D. Fraunholz and H. D. Schotten. Strategic defense and attack in deception based network security. In 2018 International Conference on Information Networking (ICOIN), pages 156–161, Jan 2018.
E. E. Frederick, N. C. Rowe, and A. B. G. Wong. Testing deception tactics in response to cyberattacks, In Proceedings of the National Symposium on Moving Target Research, Annapolis, Maryland, US, June 2012. Retrieved from http://faculty.nps.edu/ncrowe/rowe_mtr_realtimedecep.htm, March 10, 2018.
F. Girtler. Efficient Malware Detection by a Honeypot Network. AV Akademikerverlag, 2013.
X. Han, N. Kheir, and D. Balzarotti. Evaluation of deception-based web attacks detection. In Proceedings of the 2017 Workshop on Moving Target Defense, MTD ’17, pages 65–73, New York, NY, USA, 2017. ACM.
S. Hassan and R. Guha. A probabilistic study on the relationship of deceptions and attacker skills. In 2017 IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech), pages 693–698, Nov 2017.
S. F. McKenna. Detection and classification of web robots with honeypots, 2016. Retrieved from http://faculty.nps.edu/ncrowe/oldstudents/28Mar_McKenna_Sean_thesis.htm, March 3, 2018.
P. Pal, N. Soule, N. Lageman, S. S. Clark, M. Carvalho, A. Granados, and A. Alves. Adaptive resource management enabling deception (armed). In Proceedings of the 12th International Conference on Availability, Reliability and Security, ARES ’17, pages 52:1–52:8, New York, NY, USA, 2017. ACM.
N. C. Rowe, E. J. Custy, and B. T. Duong. Defending cyberspace with fake honeypots, 2007.
N. C. Rowe and J. Rrushi. Introduction to Cyberdeception. Springer Publishing Company, Incorporated, 1st edition, 2016.
M. P. Stoecklin, J. Zhang, F. Araujo, and T. Taylor. Dressed up: Baiting attackers through endpoint service projection. In Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, SDN-NFVSec@CODASPY 2018, Tempe, AZ, USA, March 19–21, 2018, pages 23–28, 2018.
P. Sztompka. Trust. Cambridge University Press, London, UK, 1999.
J. Tammi, S. Rauti, and V. Leppänen. Practical challenges in building fake services with the record and play approach. In SIN, pages 235–239. ACM, 2017.
V. E. Urias, W. M. S. Stout, and H. W. Lin. Gathering threat intelligence through computer network deception. In 2016 IEEE Symposium on Technologies for Homeland Security (HST), pages 1–6, May 2016.
C. Wang and Z. Lu. Cyber deception: Overview and the road ahead. IEEE Security Privacy, 16(2):80–85, March 2018.
W. Wang, J. Bickford, I. Murynets, R. Subbaraman, A. G. Forte, and G. Singaraju. Catching the wily hacker: A multilayer deception system. In 2012 35th IEEE Sarnoff Symposium, pages 1–6, May 2012.
M. Wegerer and S. Tjoa. Defeating the database adversary using deception - a MySQL database honeypot. In 2016 International Conference on Software Security and Assurance (ICSSA), pages 6–10, Aug 2016.
A. Zarras. The art of false alarms in the game of deception: Leveraging fake honeypots for enhanced security. In 48th IEEE International Carnahan Conference on Security Technology (ICCST), October 2014.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply
About this chapter
Cite this chapter
Rowe, N.C. (2019). Honeypot Deception Tactics. In: Al-Shaer, E., Wei, J., Hamlen, K., Wang, C. (eds) Autonomous Cyber Deception. Springer, Cham. https://doi.org/10.1007/978-3-030-02110-8_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-02110-8_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02109-2
Online ISBN: 978-3-030-02110-8
eBook Packages: Computer ScienceComputer Science (R0)