| EAI Endorsed Transactions on Security and Safety | 卷:6 |
| Attacker Capability based Dynamic Deception Model for Large-Scale Networks | |
| Laurent Njilla1 Charles Kamouha2 Md Al Amin3 Sachin Shetty3 Deepak Tosh4 | |
| [1] Air Force Research Lab, Rome, New York, USA; | |
| [2] Army Research Lab, Adelphi, Maryland, USA; | |
| [3] Old Dominion University, Norfolk, Virginia, USA; | |
| [4] University of Texas at El Paso, El Paso, Texas, USA; | |
| 关键词: cyber deception; network security; pomcp; pomdp; sdn; exploit dependency graph; | |
| DOI : 10.4108/eai.13-7-2018.162808 | |
| 来源: DOAJ | |
【 摘 要 】
In modern days, cyber networks need continuous monitoring to keep the network secure and available to legitimate users.Cyber attackers use reconnaissance mission to collect critical network information and using that information, they make anadvanced level cyber-attack plan. To thwart the reconnaissance mission and counterattack plan, the cyber defender needs tocome up with a state-of-the-art cyber defense strategy. In this paper, we model a dynamic deception system (DDS) whichwill not only thwart reconnaissance mission but also steer the attacker towards fake network to achieve a fake goal state. Inour model, we also capture the attacker’s capability using a belief matrix which is a joint probability distribution over thesecurity states and attacker types. Experiments conducted on the prototype implementation of our DDS confirm that thedefender can make the decision whether to spend more resources or save resources based on attacker types and thwartreconnaissance mission.
【 授权许可】
Unknown
878987797
028-85220240
