Title :
Finding Logically Consistent Resource-Deception Plans for Defense in Cyberspace
Author_Institution :
U.S. Naval Postgrad. Sch., Monterey, CA
Abstract :
We explore a new approach to defense of computer systems, deliberately deceiving attackers as to resource availability. This can be more effective than outright denial of access because it encourages an attacker to waste time continuing their attack. But effective deceptions must be consistent to convince an adversary. We are exploring automated methods for maintaining logical consistency by tracking assertions made so far with associated causal and other indirect implications. We have built a deception planner that takes as input as sequence of operating-system commands and finds the possible consistent deceptions as per our logical constraints, and rates the deceptions using several criteria. In a test on a generic planning model of rootkit installation, it found 72 of 558 possible deceptions were acceptable and rated them.
Keywords :
authorisation; operating systems (computers); resource allocation; access denial system; computer system defense; cyberspace; logically consistent resource-deception plan; operating system command; resource availability; Access control; Availability; Impedance; Internet; Invasive software; Military computing; Protection; Psychology; Testing; Waste materials;
Conference_Titel :
Advanced Information Networking and Applications Workshops, 2007, AINAW '07. 21st International Conference on
Conference_Location :
Niagara Falls, Ont.
Print_ISBN :
978-0-7695-2847-2
DOI :
10.1109/AINAW.2007.186
