Dynamic Address Validation Array (DAVA)

Brown, Richard F.; Marti, Alex; Jenkins, Chris; Shannigrahi, Susmit

doi:10.1145/3411496.3421221

Cited by 5 publications

(1 citation statement)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…On a micro level, MTD was combined with other elements such as Honey-X and decoys, thereby being conceptualized considering diversified mutation items. In addition, MTD is a potential "game-changing" security solution in special domains such as cyber-physical systems, autonomous vehicles, smart factories, and smart grids that have unprotected communication characteristics [3,[36][37][38][39][40].…”

Section: Background Of Cyber Deceptionmentioning

confidence: 99%

IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

Seo

Kim

2022

Electronics

View full text Add to dashboard Cite

Moving target defense (MTD) and decoy strategies, measures of active defense, were introduced to secure both the proactive security and reactive adaptability of internet-of-things (IoT) networks that have been explosively applied to various industries without any strong security measures and to mitigate the side effects of threats. However, the existing MTD and decoy strategies are limited to avoiding the attacker’s reconnaissance and initial intrusion attempts through simple structural mutations or inducing the attackers to a static trap based on the deceptive path and lack approaches to adaptively optimize IoT in consideration of the unique characteristic information by the domain of IoT. Game theory-based and decoy strategies are other options; however, they do not consider the dynamicity and uncertainty of the decision-making stages by the organizational agent related to the IoT domains. Therefore, in this paper, we present a type of organizational deception modeling, namely IoT-based organizational deception modeling (IoDM), which considers both the dynamic topologies and organizational business fingerprints customized in the IoT domain and operational purpose. For this model, we considered the practical scalability of the existing IoT-enabled MTD and decoy concepts and formulated the partially incomplete deceptive decision-making modeling for the cyber-attack and defense competition for IoT in real-time based on the general-sum game. According to our experimental results, the efficiency of the deceptive defense of the IoT defender could be improved by 70% on average while deriving the optimal defense cost compared to the increased defense performance. The findings of this study will improve the deception performances of MTD and decoy strategies by IoT scenarios related to various operational domains such as smart home networks, industrial networks, and medical networks. To the best of our knowledge, this study has employed social-engineering IoT knowledge and general-sum game theory for the first time.

show abstract