Abstract
This chapter considers further details in how to implement the deceptions described in this book. For readers interested in still more details, Heckman et al. (2015) provides a detailed top-down view of deception planning, and Bodmer et al. (2012) offers useful alternative approaches to operationalizing deception. Heckman et al. (2015) situates cyberdeception in the context of military operations planning, and Bodmer et al. (2012) is a good resource for people on the front lines of cyberattacks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bakos G, Bratus S (2005) Ubiquitous redirection as access control response. In: Proceedings of the 3rd annual conference on privacy, security and trust, New Brunswick, Canada, 12–14 Oct, 2005
Bodmer S, Kilger A, Carpenter G, Jones J (2012) Reverse deception: organized cyber threat counter-exploitation. McGraw-Hill Education, New York
Chang H-Y, Wu S, Jou Y (2001) Real-time protocol analysis for detecting link-state routing protocol attacks. ACM Trans Inf Syst Secur 4(1):1–36
Chapple M, Ballad B, Ballad T, Banks E (2013) Access control, authentication, and public key infrastructure, 2nd edn. Jones and Bartlett, New York
Cohen F (1999) A mathematical structure of simple defensive network deceptions. all.net/journal/deception/mathdeception/mathdeception.html. Accessed 15 Jan 2016
Cohen F, Koike D (2003) Leading attackers through attack graphs with deceptions. Comput Security 22(5):402–411
Cohen F, Marin I, Sappington J, Stewart C, Thomas E (2001) Red teaming experiments with deceptions technologies. all.net/journal/deception/ RedTeamingExperiments.pdf. Accessed 15 Jan, 2016
Crane S, Larsen P, Brunthaler S, Franz M (2013) Booby trapping software. In: Proceedings of the new security paradigms workshop, Banff, AB, Canada, 9–12 Sept, 2013. pp 95–105
Ford R, Howard M (2007) How not to be seen. IEEE Secur Priv 5(1):67–69
Frederick E, Rowe N, Wong A (2012) Testing deception tactics in response to cyberattacks. National symposium on moving target research, Annapolis, MD, 11 June, 2102
Fu X, Yu W, Cheng D, Tan X, Streff K, Graham S (2006) On recognizing virtual honeypots and countermeasures. In: Proceedings of the 2nd IEEE international symposium on dependable, autonomic, and secure computing, Indianapolis, IN. pp 211–218
Heckman K, Walsh M, Stech F, O’Boyle T, DiCato S, Herber A (2013) Active cyber defense with denial and deception: a cyber-wargame experiment. Comput Security 37:72–77
Heckman K, Stech F, Thomas R, Schmoker B, Tsow A (2015) Cyber denial, deception, and counter deception: a framework for supporting active cyber defense. Springer, New York
Hernacki B, Bennett J, Lofgran T (2004) Symantec deception server: experience with a commercial deception system. In: Proceedings of the seventh international symposium in resent advances in intrusion detection, Sophia Antipolis, France, 15–17 Sept, 2004. pp 188–202
Kempf T, Karuri K, Gao L (2009) Software instrumentation. In: Wah B (ed) Wiley encyclopedia of computer science and engineering 1 (11). Wiley-Interscience, New York
Michael J, Auguston M, Rowe N, Riehle R (2002) Software decoys: intrusion detection and countermeasures. In: Proceedings of the IEEE-SMC workshop on information assurance, West Point, New York, 17–19 June, 2002. pp 130–138
Noonan W, Dubrawsky I (2006) Firewall fundamentals. Cisco, Indianapolis, IN
Pang R, Veqneswaran V, Barford P, Paxon V, Peterson L (2004) Characteristics of Internet background radiation. In: Proceedings of the 4th ACM SIGCOMM conference on internet measurement, Taormina, IT, 25–27 Oct, 2004. pp 27–40
Provos N, Holz T (2008) Virtual honeypots: from botnet tracking to intrusion detection. Addison-Wesley, Upper Saddle River, NJ
Rinard M, Cadar C, Dumitran D, Roy D, Leu T (2004) A dynamic technique for eliminating buffer overflow vulnerabilities (and other memory errors). In: Proceedings of the 20th annual computer security applications conference, Tucson, AZ, 6–10 Dec, 2004. pp 82–90
Rowe N, Goh H (2007) Thwarting cyber-attack reconnaissance with inconsistency and deception. In: Proceedings of the 8th IEEE information assurance workshop, West Point, NY, 20–22 June, 2007. pp 151–158
ShadowServer (2007) What is a honeypot? www.shadowserver.org/wiki/ pmkiki.php?n = Information.Honeypots. Accessed 22 July, 2008
Shiue LM, Kao SJ (2008) Countermeasure for detection of honeypot deployment. In: Proceedings of the international conference on computer and communication engineering, Kuala Lumpur, Malaysia, 13–15 May, 2008. pp 595–599
Smith D (2007) Why we lie: the evolutionary roots of deception and the unconscious mind. St. Martin’s Griffin, New York
Wuu L-C, Chen, S-F (2003) Building intrusion pattern miner for Snort network intrusion detection system. In: Proceedings of the 37th IEEE Carnahan conference on security technology, 14–16 Oct 2003. pp 477–484
Yahyaoui A, Rowe N (2015) Testing simple deceptive honeypot tools. In: Proceedings of SPIE defense and security, Baltimore MD, 20–24 April, 2015. Paper 9458-2
Yost G (1985) Spy-tech. Facts on File, New York
Zarras A (2014) The art of false alarms in the game of deception: Leveraging fake honeypots for enhanced security. In: Proceedings of the Carnahan conference on security technology, Rome, Italy, 13–16 Oct 2014. pp 1–6
Zou C, Cunningham R (2006) Honeypot-aware advanced botnet construction and maintenance. In: Proceedings of the international conference on dependable systems and networks, Philadelphia, PA, 25–28 June, 2006. pp 199–208
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Rowe, N.C., Rrushi, J. (2016). Software Engineering of Deceptive Software and Systems. In: Introduction to Cyberdeception. Springer, Cham. https://doi.org/10.1007/978-3-319-41187-3_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-41187-3_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-41185-9
Online ISBN: 978-3-319-41187-3
eBook Packages: Computer ScienceComputer Science (R0)