Software Deception Steering through Version Emulation
نویسندگان
چکیده
Determined cyber adversaries often strategize their attacks by carefully selecting high-value target machines that host insecure (e.g., unpatched) legacy software. In this paper, we propose a moving-target approach to thwart and countersurveil such adversaries, wherein live (non-decoy) enterprise software services are automatically modified deceptively emulate vulnerable versions entice attackers. A game-theoretic framework chooses which emulated stacks, versions, configurations, vulnerabilities yield the best defensive payoffs most useful threat data given specific attack model. The results show effective movement strategies can be computed account for pragmatic aspects of deception, as utility various intelligence-gathering actions, impact vulnerabilities, performance costs patch deployment, complexity exploits, attacker profile.
منابع مشابه
An Evaluation of Intel Software Guard Extensions Through Emulation
The Intel Software Guard Extensions (SGX) technology, recently introduced in the new generations of x86 processors, allows the execution of applications in a fully protected environment (i.e., within enclaves). Because it is a recent technology, machines that rely on this technology are still a minority. In order to evaluate the SGX, an emulator of this technology (called OpenSGX) implements an...
متن کاملSoftware Faults Emulation by Software Fault Injection
In Computer Science, an emulator is hardware or software or both that duplicates (or emulates) the functions of one computer system (the guest) in another computer system (the host), different from the first one, so that the emulated behavior closely resembles the behavior of the real system (the guest).The computer systems are an affected by software and hardware fault, solved in numerous mech...
متن کاملSoftware Faults Emulation by Software Fault Injection
In Computer Science, an emulator is hardware or software or both that duplicates (or emulates) the functions of one computer system (the guest) in another computer system (the host), different from the first one, so that the emulated behavior closely resembles the behavior of the real system (the guest). The computer systems are an affected by software and hardware fault, solved in numerous mec...
متن کاملResearch through deception.
On a spring evening two years ago, Steve Kaufinan, a wiry 18-year-old whose plain-featuced intensity reminds — one of Dustin Hoffinan, hurried across the Stanford University campus to what he thought would be an' interesting and enjoyable experience. He was headed for Jordan Hall, where the department of psychology is housed and where he had been receiving training as a hypnotic subject, prepar...
متن کاملEmulation-Tool for software development
A major computer operations problem is the conversion of programs from one language to another when a replacement computer is acquired. Emulation was developed as one solution to the conversion problem. Emulation allows the machine instructions of the emulated (target) machine to be executed on the emulating (host) machine. Thus permanent program conversion is avoided. Frequently, emulated prog...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Proceedings of the ... Annual Hawaii International Conference on System Sciences
سال: 2021
ISSN: ['2572-6862', '1530-1605']
DOI: https://doi.org/10.24251/hicss.2021.243