Related papers: Koney: A Cyber Deception Orchestration Framework f…
Cyber deception has recently received increasing attentions as a promising mechanism for proactive cyber defense. Cyber deception strategies aim at injecting intentionally falsified information to sabotage the early stage of attack…
The concept of cyber deception has been receiving emerging attention. The development of cyber defensive deception techniques requires interdisciplinary work, among which cognitive science plays an important role. In this work, we adopt a…
Cyber deception techniques that are tightly intertwined with applications pose significant technical challenges in production systems. Security measures are usually the responsibility of a system operator, but they are typically limited to…
Deception is rapidly growing as an important tool for cyber defence, complementing existing perimeter security measures to rapidly detect breaches and data theft. One of the factors limiting the use of deception has been the cost of…
Keyloggers remain a serious threat in modern cybersecurity, silently capturing user keystrokes to steal credentials and sensitive information. Traditional defenses focus mainly on detection and removal, which can halt malicious activity but…
Fooling adversaries with traps such as honeytokens can slow down cyber attacks and create strong indicators of compromise. Unfortunately, cyber deception techniques are often poorly specified. Also, realistically measuring their…
Deception technology has proven to be a sound approach against threats to information systems. Aside from well-established honeypots, decoy elements, also known as honeytokens, are an excellent method to address various types of threats.…
Cyber deception aims to distract, delay, and detect network attackers with fake assets such as honeypots, decoy credentials, or decoy files. However, today, it is difficult for operators to experiment, explore, and evaluate deception…
Deception boosts security for systems and components by denial, deceit, misinformation, camouflage and obfuscation. In this work an extensive overview of the deception technology environment is presented. Taxonomies, theoretical…
Kubernetes is an open-source software for automating management of computerized services. Organizations, such as IBM, Capital One and Adidas use Kubernetes to deploy and manage their containers, and have reported benefits related to…
Deception is being increasingly explored as a cyberdefense strategy to protect operational systems. We are studying implementation of deception-in-depth strategies with initially three logical layers: network, host, and data. We draw ideas…
This paper explores deploying a cyber honeypot system to learn how cyber defenders can use a honeypot system as a deception mechanism to gather intelligence. Defenders can gather intelligence about an attacker such as the autonomous system…
Cyber deception is one of the key approaches used to mislead attackers by hiding or providing inaccurate system information. There are two main factors limiting the real-world application of existing cyber deception approaches. The first…
With the ever growing networking capabilities and services offered to users, attack surfaces have been increasing exponentially, additionally, the intricacy of network architectures has increased the complexity of cyber-defenses, to this…
Cyber deception can be a valuable addition to traditional cyber defense mechanisms, especially for modern cloud-native environments with a fading security perimeter. However, pre-built decoys used in classical computer networks are not…
In the contemporary business landscape, collaboration across multiple organizations offers a multitude of opportunities, including reduced operational costs, enhanced performance, and accelerated technological advancement. The application…
Covert channels can be utilized to secretly deliver information from high privileged processes to low privileged processes in the context of a high-assurance computing system. In this case study, we investigate the possibility of covert…
Many cybersecurity attacks rely on analyzing a binary executable to find exploitable sections of code. Code obfuscation is used to prevent attackers from reverse engineering these executables. In this work, we focus on control flow…
Deceptive patterns are design practices embedded in digital platforms to manipulate users, representing a widespread and long-standing issue in the web and mobile software development industry. Legislative actions highlight the urgency of…
"What Should be Hidden and Open in Computer Security: Lessons from Deception, the Art of War, Law, and Economic Theory" Peter P. Swire, George Washington University. Imagine a military base. It is defended against possible attack. Do we…