In proceedings details

  • Designing Adaptive Deception Strategies
  • Sep 2016
  • Deception-based defense is the process by which actions are intentionally employed to cause misrepresentation and induce erroneous inferences on attackers. Deception can be employed in different levels of computation, from network to application-level, which demands careful planning and coordination between multiple strategies and tactics. Despite of advances on using deception in computer defenses, ad-hoc approaches are still used for their design. As a result, deception is realized essentially as single tools or as entire solutions repackaged as honeypot machines. In this paper, we propose a model to specify coordinated deception tactics based on adaptive architectures. Our contributions rely on a deception-based defense life-cycle approach integrated in a software design process, including a model to specify coordinated deception strategies. The feasibility of the proposed approach is shown via an example where a deception strategy is designed for a smartphone application that synchronizes data with a central database.
  • Cristiano De Faveri, Ana Moreira
  • 1 Sep 2016