The Ethics of Deception in Cyberspace

Rowe, Neil C.

doi:10.4018/9781605660226.ch034

Cited by 6 publications

(6 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The following taxonomy builds on a cyber-specific deception taxonomy proposed by Rowe and based on linguistic case theory. [23] Rowe's taxonomy identifies 32 specific kinds of deception, grouped into seven broader categories. In the following, these categories are applied to social media deception: 1) Spatial cases pertain to misleading locations, directions, etc.…”

Section: A Taxonomy Of Social Media Deceptionmentioning

confidence: 99%

Social media for intelligence: research, concepts, and results

Franke

Rosell

2016

Next-Generation Analyst IV

View full text Add to dashboard Cite

When sampling part of the enormous amounts of social media data it is important to consider whether the sample is representative. Any method of studying the sampled data is also prone to bias.Sampling and bias aside the data may be generated with malicious intent, such as deception. Deception is a complicated (broad, situational, vague) concept. It seems improbable that an automated computer system would be able to find deception as such. Instead, we argue that the role of a system would be to aid the human analyst by detecting indicators, or clues, of (potential) deception. Indicators could take many forms and are typically neither necessary nor sufficient for there to be an actual deception. However, by using one or combining several of them a human may reach conclusions. Indicators are not necessarily dependent and will be added to or removed from the analysis depending on the circumstances. This modularity can help in counteracting/alleviating attacks on the system by an adversary. If we become aware that an indicator is compromised we can remove it from the analysis and/or replace it with a more sophisticated method that give us a similar indication.

show abstract

Section: A Taxonomy Of Social Media Deceptionmentioning

confidence: 99%

Social media for intelligence: research, concepts, and results

Franke

Rosell

2016

Next-Generation Analyst IV

View full text Add to dashboard Cite

show abstract

“…Thus the most useful deception methods for directory information are repackaging and mimicking. Another taxonomy based on case grammar [13] enumerates 32 deceptions in space, time, participant, causality, quality, essence, and preconditions. Most opportunities for deception in a drive directory occur for qualities of a file, which are mainly conveyed by its path (file name and location in the directory scheme), as well as its times, flags, and fragmentation.…”

Section: Finding Deceptionmentioning

confidence: 99%

Finding Anomalous and Suspicious Files from Directory Metadata on a Large Corpus

Rowe

Garfinkel

2012

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

Self Cite

View full text Add to dashboard Cite

Abstract:We describe a tool Dirim for automatically finding files on a drive that are anomalous or suspicious, and thus worthy of focus during digital-forensic investigation, based on solely their directory information. Anomalies are found both from comparing overall drive statistics and from comparing clusters of related files using a novel approach of "superclustering" of clusters. Suspicious file detection looks for a set of specific clues. We discuss results of experiments we conducted on a representative corpus on 1467 drive images where we did find interesting anomalies but not much deception (as expected given the corpus). Cluster comparison performed best at providing useful information for an investigator, but the other methods provided unique additional information albeit with a significant number of false alarms.

show abstract

“…While these examples may be the most prevalent in national discussions, attacks designed to disrupt the behavior of human operators, often referred to as low and slow attacks, are an emerging threat (Rowe, 2006). While currently an emerging threat, these types of attacks may become more and more prevalent moving forward.…”

Section: Introductionmentioning

confidence: 97%

Exploring the Effects of “Low and Slow” Cyber Attacks on Team Decision Making

Mancuso

Funke

Finomore

et al. 2013

Proceedings of the Human Factors and Ergonomics Society Annual

View full text Add to dashboard Cite

This paper describes an experiment on the effects of low and slow cyber attacks on team decision making. Specifically, the study focuses on how targeted communications, disguised as originating from reliable sources, can be used to disseminate false information and instantiate biases in a team to disrupt normal decision-making processes. Using a team consensus task (the Life Event Stress Test), we manipulated the presence of a shared anchor (the disguised communication), and the presence of individual anchors. Our results indicated that, while teams were able to utilize their collaborative processes to reject the shared anchors, they were still susceptible to individual anchors. While only an introductory study with a limited sample size, the results contribute to both the cyber security and team decision-making literature. Implications for future research are also discussed.

show abstract

The Ethics of Deception in Cyberspace

Cited by 6 publications

References 8 publications

Social media for intelligence: research, concepts, and results

Social media for intelligence: research, concepts, and results

Finding Anomalous and Suspicious Files from Directory Metadata on a Large Corpus

Exploring the Effects of “Low and Slow” Cyber Attacks on Team Decision Making

Contact Info

Product

Resources

About