Secure Cyber Deception Architecture and Decoy Injection to Mitigate the Insider Threat

Park, Kyungmin; Woo, Samuel; Moon, Daesung; Choi, Hoon

doi:10.3390/sym10010014

Cited by 16 publications

(20 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[29] stresses the importance of web-based applications and extensively outlines the possible use scenarios of deception techniques which can be incorporated into application-layer traffic of web applications for detecting various web-based application attacks. [30] went further in his research to give an extensive game-theoretical taxonomy for deception-based techniques. [31] In their paper, [32] gives an all-encompassing overview of deception-based technology including in-depth discussions on taxonomies, psychological concepts of deception, implementation of deception based, legal and ethics issues.…”

Section: Related Workmentioning

confidence: 99%

Cutting Edge Trends in Deception Based Intrusion Detection Systems—A Survey

Oluoha¹,

Yange²,

Okereke³

et al. 2021

JIS

View full text Add to dashboard Cite

Cyber criminals have become a formidable treat in today's world. This present reality has placed cloud computing platforms under constant treats of cyber-attacks at all levels, with an ever-evolving treat landscape. It has been observed that the number of threats faced in cloud computing is rising exponentially mainly due to its widespread adoption, rapid expansion and a vast attack surface. One of the front-line tools employed in defense against cyber-attacks is the Intrusion Detection Systems (IDSs). In recent times, an increasing number of researchers and cyber security practitioners alike have advocated the use of deception-based techniques in IDS and other cyber security defenses as against the use of traditional methods. This paper presents an extensive overview of the deception technology environment, as well as a review of current trends and implementation models in deception-based Intrusion Detection Systems. Issues mitigating the implementation of deception based cyber security defenses are also investigated.

show abstract

Section: Related Workmentioning

confidence: 99%

Cutting Edge Trends in Deception Based Intrusion Detection Systems—A Survey

Oluoha¹,

Yange²,

Okereke³

et al. 2021

JIS

View full text Add to dashboard Cite

show abstract

“…, a i n ) denotes the fingerprint of container s i which contains n attributes. Thus, the deception overhead of modifying the fingerprint from f 1 (a 1 1 , . .…”

Section: Deception Overheadmentioning

confidence: 99%

“…Network reconnaissance refers to a precursory step of advanced attacks [1]. Since cloud computing presents a convenient remote network access method, the cyber assets (e.g., containers) are more likely to be identified, enumerated, investigated, and fingerprinted [2], [3].…”

Section: Introductionmentioning

confidence: 99%

A Cyber Deception Method Based on Container Identity Information Anonymity

Zeng

et al. 2021

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Existing cyber deception technologies (e.g., operating system obfuscation) can effectively disturb attackers' network reconnaissance and hide fingerprint information of valuable cyber assets (e.g., containers). However, they exhibit ineffectiveness against skilled attackers. In this study, a proactive fingerprint deception method is proposed, termed as Continuously Anonymizing Containers' Fingerprints (CACF), which modifies the container's fingerprint in the cloud resource pool to satisfy the anonymization standard. As demonstrated by experimental results, the CACF can effectively increase the difficulty for attackers.

show abstract

“…From previous research [12][13][14] and descriptions related to insider threat detection and analysis based on machine learning methodology, we selected the classification and clustering concepts as well as the related techniques [15,16] for anomaly detection and misuse as the main scope of this research.…”

Section: Insider Threats Based On Machine Learning Approachmentioning

confidence: 99%

Study on Inside Threats Based on Analytic Hierarchy Process

Seo

Kim

2020

Symmetry

View full text Add to dashboard Cite

Insider threats that occur within organizations cause more serious damage than external threats. However, there are many factors that are difficult to determine, such as the definition, classification, and severity of security breaches; hence, it is necessary to analyze system logs and user behavior-based scenarios within organizations. The reality is that qualitative judgment criteria are different for everyone to apply, and there is no detailed verification procedure to compare them objectively. In this study, realistic insider threats were examined through the definition, classification, and correlation/association analysis of various human–machine logs of acts associated with security breaches that occur in an organization. In addition, a quantitative process and decision-making tool were developed for insider threats by establishing various internal information leakage scenarios. As a result, insider threats were assessed quantitatively and a decision-making process was completed that enabled case analysis based on several insider threat scenarios. This study will enable precise modeling of insider threats that occur in real organizations and will support an objective process and a decision-making system to establish a range of required information for security protection measures.

show abstract

Secure Cyber Deception Architecture and Decoy Injection to Mitigate the Insider Threat

Cited by 16 publications

References 25 publications

Cutting Edge Trends in Deception Based Intrusion Detection Systems—A Survey

Cutting Edge Trends in Deception Based Intrusion Detection Systems—A Survey

A Cyber Deception Method Based on Container Identity Information Anonymity

Study on Inside Threats Based on Analytic Hierarchy Process

Contact Info

Product

Resources

About