WiP: Deception-in-Depth Using Multiple Layers of Deception
- URL: http://arxiv.org/abs/2412.16430v1
- Date: Sat, 21 Dec 2024 01:34:38 GMT
- Title: WiP: Deception-in-Depth Using Multiple Layers of Deception
- Authors: Jason Landsborough, Neil C. Rowe, Thuy D. Nguyen, Sunny Fugate,
- Abstract summary: We draw ideas from military deception, network orchestration, software deception, file deception, fake honeypots, and moving-target defenses.
We hope to show that deploying a broad range of deception techniques can be more effective in protecting systems than deploying single techniques.
- Score: 0.24466725954625887
- License:
- Abstract: Deception is being increasingly explored as a cyberdefense strategy to protect operational systems. We are studying implementation of deception-in-depth strategies with initially three logical layers: network, host, and data. We draw ideas from military deception, network orchestration, software deception, file deception, fake honeypots, and moving-target defenses. We are building a prototype representing our ideas and will be testing it in several adversarial environments. We hope to show that deploying a broad range of deception techniques can be more effective in protecting systems than deploying single techniques. Unlike traditional deception methods that try to encourage active engagement from attackers to collect intelligence, we focus on deceptions that can be used on real machines to discourage attacks.
Related papers
- A Novel Approach to Guard from Adversarial Attacks using Stable Diffusion [0.0]
Our proposal suggests a different approach to the AI Guardian framework.
Instead of including adversarial examples in the training process, we propose training the AI system without them.
This aims to create a system that is inherently resilient to a wider range of attacks.
arXiv Detail & Related papers (2024-05-03T04:08:15Z) - A Proactive Decoy Selection Scheme for Cyber Deception using MITRE ATT&CK [0.9831489366502301]
Cyber deception allows compensating the late response of defenders to the ever evolving tactics, techniques, and procedures (TTPs) of attackers.
In this work, we design a decoy selection scheme that is supported by an adversarial modeling based on empirical observation of real-world attackers.
Results reveal that the proposed scheme provides the highest interception rate of attack paths using the lowest amount of decoys.
arXiv Detail & Related papers (2024-04-19T10:45:05Z) - Game of Travesty: Decoy-based Psychological Cyber Deception for Proactive Human Agents [13.47548023934913]
In this work, we adopt a signaling game framework between a defender and a human agent to develop a cyber defensive deception protocol.
The proposed framework leads to fundamental theories in designing more effective signaling schemes.
arXiv Detail & Related papers (2023-09-23T15:27:26Z) - DOLOS: A Novel Architecture for Moving Target Defense [3.2249474972573555]
Moving Target Defense and Cyber Deception emerged in recent years as two key proactive cyber defense approaches.
This paper presents DOLOS, a novel architecture that unifies Cyber Deception and Moving Target Defense approaches.
We show that DOLOS is highly effective in slowing down attacks and protecting the integrity of production systems.
arXiv Detail & Related papers (2023-03-01T10:13:03Z) - Graph Neural Networks for Decentralized Multi-Agent Perimeter Defense [111.9039128130633]
We develop an imitation learning framework that learns a mapping from defenders' local perceptions and their communication graph to their actions.
We run perimeter defense games in scenarios with different team sizes and configurations to demonstrate the performance of the learned network.
arXiv Detail & Related papers (2023-01-23T19:35:59Z) - Illusory Attacks: Information-Theoretic Detectability Matters in Adversarial Attacks [76.35478518372692]
We introduce epsilon-illusory, a novel form of adversarial attack on sequential decision-makers.
Compared to existing attacks, we empirically find epsilon-illusory to be significantly harder to detect with automated methods.
Our findings suggest the need for better anomaly detectors, as well as effective hardware- and system-level defenses.
arXiv Detail & Related papers (2022-07-20T19:49:09Z) - Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the
Age of AI-NIDS [70.60975663021952]
We study blackbox adversarial attacks on network classifiers.
We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions.
We show that a continual learning approach is required to study attacker-defender dynamics.
arXiv Detail & Related papers (2021-11-23T23:42:16Z) - The Feasibility and Inevitability of Stealth Attacks [63.14766152741211]
We study new adversarial perturbations that enable an attacker to gain control over decisions in generic Artificial Intelligence systems.
In contrast to adversarial data modification, the attack mechanism we consider here involves alterations to the AI system itself.
arXiv Detail & Related papers (2021-06-26T10:50:07Z) - Against All Odds: Winning the Defense Challenge in an Evasion
Competition with Diversification [13.236009846517662]
In this paper, we outline our learning-based system PEberus that got the first place in the defender challenge of the Microsoft Evasion Competition.
Our system combines multiple, diverse defenses: we address the semantic gap, use various classification models, and apply a stateful defense.
arXiv Detail & Related papers (2020-10-19T14:53:06Z) - Adversarial Machine Learning Attacks and Defense Methods in the Cyber
Security Domain [58.30296637276011]
This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques.
It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
arXiv Detail & Related papers (2020-07-05T18:22:40Z) - Deflecting Adversarial Attacks [94.85315681223702]
We present a new approach towards ending this cycle where we "deflect" adversarial attacks by causing the attacker to produce an input that resembles the attack's target class.
We first propose a stronger defense based on Capsule Networks that combines three detection mechanisms to achieve state-of-the-art detection performance.
arXiv Detail & Related papers (2020-02-18T06:59:13Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.