English
Related papers

Related papers: A Proactive Decoy Selection Scheme for Cyber Decep…

200 papers

This paper investigates the problem of synthesizing proactive defense systems in which the defender can allocate deceptive targets and modify the cost of actions for the attacker who aims to compromise security assets in this system. We…

Multiagent Systems · Computer Science 2023-01-05 Haoxiang Ma , Shuo Han , Nandi Leslie , Charles Kamhoua , Jie Fu

Cyber deception can be a valuable addition to traditional cyber defense mechanisms, especially for modern cloud-native environments with a fading security perimeter. However, pre-built decoys used in classical computer networks are not…

Cryptography and Security · Computer Science 2024-05-07 Marco Zambianco , Claudio Facchinetti , Roberto Doriguzzi-Corin , Domenico Siracusa

Cyber deception is an emerging proactive defense strategy to counter increasingly sophisticated attacks such as Advanced Persistent Threats (APTs) by misleading and distracting attackers from critical assets. However, since deception…

Computer Science and Game Theory · Computer Science 2025-05-28 Ya-Ting Yang , Quanyan Zhu

Cyber deception has recently received increasing attentions as a promising mechanism for proactive cyber defense. Cyber deception strategies aim at injecting intentionally falsified information to sabotage the early stage of attack…

Cryptography and Security · Computer Science 2020-07-30 Zhuo Lu , Cliff Wang , Shangqing Zhao

We study a class of games, in which the adversary (attacker) is to satisfy a complex mission specified in linear temporal logic, and the defender is to prevent the adversary from achieving its goal. A deceptive defender can allocate decoys,…

Computer Science and Game Theory · Computer Science 2020-10-06 Abhishek N. Kulkarni , Jie Fu , Huan Luo , Charles A. Kamhoua , Nandi O. Leslie

Cybersecurity is a big challenge as hackers are always trying to find new methods to attack and exploit system vulnerabilities. Cybersecurity threats and risks have increased in recent years, due to the increasing number of devices and…

Cryptography and Security · Computer Science 2024-07-30 Ihab Mohamed , Hesham A. Hefny , Nagy R. Darwish

The MITRE ATT&CK framework is a widely adopted tool for enhancing cybersecurity, supporting threat intelligence, incident response, attack modeling, and vulnerability prioritization. This paper synthesizes research on its application across…

Cryptography and Security · Computer Science 2025-02-18 Yuning Jiang , Qiaoran Meng , Feiyang Shang , Nay Oo , Le Thi Hong Minh , Hoon Wei Lim , Biplab Sikdar

The concept of cyber deception has been receiving emerging attention. The development of cyber defensive deception techniques requires interdisciplinary work, among which cognitive science plays an important role. In this work, we adopt a…

Cryptography and Security · Computer Science 2023-09-26 Yinan Hu , Quanyan Zhu

Today's high-stakes adversarial interactions feature attackers who constantly breach the ever-improving security measures. Deception mitigates the defender's loss by misleading the attacker to make suboptimal decisions. In order to formally…

Artificial Intelligence · Computer Science 2020-06-11 Zheyuan Ryan Shi , Ariel D. Procaccia , Kevin S. Chan , Sridhar Venkatesan , Noam Ben-Asher , Nandi O. Leslie , Charles Kamhoua , Fei Fang

MITRE ATT&CK is a comprehensive framework of adversary tactics, techniques and procedures based on real-world observations. It has been used as a foundation for threat modelling in different sectors, such as government, academia and…

Cryptography and Security · Computer Science 2023-08-29 Bader Al-Sada , Alireza Sadighian , Gabriele Oligeri

Defensive deception techniques have emerged as a promising proactive defense mechanism to mislead an attacker and thereby achieve attack failure. However, most game-theoretic defensive deception approaches have assumed that players maintain…

Computer Science and Game Theory · Computer Science 2021-02-02 Zelin Wan , Jin-Hee Cho , Mu Zhu , Ahmed H. Anwar , Charles Kamhoua , Munindar P. Singh

This paper is concerned with the synthesis of strategies in network systems with active cyber deception. Active deception in a network employs decoy systems and other defenses to conduct defensive planning against the intrusion of malicious…

Computer Science and Game Theory · Computer Science 2020-02-18 Jie Fu , Abhishek N. Kulkarni , Huan Luo , Nandi O. Leslie , Charles A. Kamhoua

Cyberattacks use adversarial techniques to bypass system defenses, persist, and eventually breach systems. The MITRE ATT\&CK framework catalogs a set of adversarial techniques and maps between adversaries and their used techniques and…

Cryptography and Security · Computer Science 2022-11-15 Md Rayhanur Rahman , Laurie Williams

This article discusses how the gap between early 5G network threat assessments and an adversarial Tactics, Techniques, Procedures (TTPs) knowledge base for future use in the MITRE ATT&CK threat modelling framework can be bridged. We…

Cryptography and Security · Computer Science 2021-10-15 Robert Pell , Sotiris Moschoyiannis , Emmanouil Panaousis , Ryan Heartfield

In this chapter, we present an approach using formal methods to synthesize reactive defense strategy in a cyber network, equipped with a set of decoy systems. We first generalize formal graphical security models--attack graphs--to…

Cryptography and Security · Computer Science 2020-08-10 Abhishek N. Kulkarni , Jie Fu

Protecting against multi-step attacks of uncertain duration and timing forces defenders into an indefinite, always ongoing, resource-intensive response. To effectively allocate resources, a defender must be able to analyze multi-step…

Cryptography and Security · Computer Science 2021-07-12 Alexander V. Outkin , Patricia V. Schulz , Timothy Schulz , Thomas D. Tarman , Ali Pinar

The MITRE ATT&CK framework, a comprehensive knowledge base of adversary tactics and techniques, has been widely adopted by the cybersecurity industry as well as by academic researchers. Its broad range of industry applications include…

Cryptography and Security · Computer Science 2023-04-18 Shanto Roy , Emmanouil Panaousis , Cameron Noakes , Aron Laszka , Sakshyam Panda , George Loukas

A cyber-attack is a malicious attempt by experienced hackers to breach the target information system. Usually, the cyber-attacks are characterized as hybrid TTPs (Tactics, Techniques, and Procedures) and long-term adversarial behaviors,…

Cryptography and Security · Computer Science 2021-12-17 Mingqi Lv , Chengyu Dong , Tieming Chen , Tiantian Zhu , Qijie Song , Yuan Fan

Deception is rapidly growing as an important tool for cyber defence, complementing existing perimeter security measures to rapidly detect breaches and data theft. One of the factors limiting the use of deception has been the cost of…

Deception plays a crucial role in strategic interactions with incomplete information. Motivated by security applications, we study a class of two-player turn-based deterministic games with one-sided incomplete information, in which player 1…

Computer Science and Game Theory · Computer Science 2024-07-22 Abhishek N. Kulkarni , Matthew S. Cohen , Charles A. Kamhoua , Jie Fu
‹ Prev 1 2 3 10 Next ›