A New Web Deception System Framework

“…2) Honeywebs: El-Kosairy and Azer [61] proposed a web server framework that provides a web application firewall with a honeyweb to detect malicious traffics and forward suspicious traffics to honeypot servers. Typically, this research combines deception technologies, including honey token, honeypot, and decoy document.…”

“…• Web attack [61]: An attacker can leverage existing vulnerabilities in web applications to gather sensitive data and gain unauthorized access to the web servers. In Figs.…”

“…1) DD Techniques: In this environment, honey-X [61] or fake signals [105] are used as defensive deception techniques, such as honeywebs using honey files, honey tokens, decoy resources, or honeypots. In addition, obfuscation techniques [152] are used to confuse attackers.…”

“…2) Main Attacks: Game-theoretic or ML-based DD techniques in cloud environments have mainly considered general web attacks [61], multi-staged APT attacks [105], or privacy attacks to disrupt the accuracy of ML-based classifiers [152].…”

“…3) Key GT and ML Methods: Signaling games with complete, imperfect information have been used to model attackdefense games [61,105,152]. In addition, ML-based algorithms have been used to generate obfuscation in data [152].…”

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey

“…2) Honeywebs: El-Kosairy and Azer [61] proposed a web server framework that provides a web application firewall with a honeyweb to detect malicious traffics and forward suspicious traffics to honeypot servers. Typically, this research combines deception technologies, including honey token, honeypot, and decoy document.…”

“…• Web attack [61]: An attacker can leverage existing vulnerabilities in web applications to gather sensitive data and gain unauthorized access to the web servers. In Figs.…”

“…1) DD Techniques: In this environment, honey-X [61] or fake signals [105] are used as defensive deception techniques, such as honeywebs using honey files, honey tokens, decoy resources, or honeypots. In addition, obfuscation techniques [152] are used to confuse attackers.…”

“…2) Main Attacks: Game-theoretic or ML-based DD techniques in cloud environments have mainly considered general web attacks [61], multi-staged APT attacks [105], or privacy attacks to disrupt the accuracy of ML-based classifiers [152].…”

“…3) Key GT and ML Methods: Signaling games with complete, imperfect information have been used to model attackdefense games [61,105,152]. In addition, ML-based algorithms have been used to generate obfuscation in data [152].…”

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey

Simulating Deception for Web Applications Using Reinforcement Learning

A hybrid cyber defense framework for reconnaissance attack in industrial control systems