Active cyber defense with denial and deception: A cyber-wargame experiment
Authors
Abstract
In January 2012, MITRE performed a real-time, red team/blue team cyber-wargame experiment. This presented the opportunity to blend cyber-warfare with traditional mission planning and execution, including denial and deception tradecraft. The cyber-wargame was designed to test a dynamic network defense cyber-security platform being researched in The MITRE Corporation’s Innovation Program called Blackjack, and to investigate the utility of using denial and deception to enhance the defense of information in command and control systems. The Blackjack tool failed to deny the adversary access to real information on the command and control mission system. The adversary had compromised a number of credentials without the computer network defenders’ knowledge, and thereby observed both the real command and control mission system and the fake command and control mission system. However, traditional denial and deception techniques were effective in denying the adversary access to real information on the real command and control mission system, and instead provided the adversary with access to false information on a fake command and control mission system. © 2013 Elsevier Ltd. All rights reserved.
Similar resources
Deception in defense of computer systems from cyber-attack
While computer systems can be quite susceptible to deception by attackers, deception by defenders has increasingly been investigated in recent years. Military history has classic examples of defensive deceptions, but not all tactics and strategies have analogies in cyberspace. Honeypots are the most important example today; they are decoy computer systems designed to encourage attacks to collec...
Scientometrics of Deception, Counter-deception, and Deception Detection in Cyber-space
The concepts of deception, counter-deception, and deception detection in the cyber-space domain have been the subject of little systematic analysis. Our objective was to conduct scientometric analyses of these concepts in the cyber-space domain. We observed the following: Although various deceptive tactics are addressed in the cyber-security literature, it appears they are characterized more fr...
Using Bayesian Attack Detection Models to Drive Cyber Deception
We present a method to devise, execute, and assess a cyber deception. The aim is to cause an adversary to believe they are under a cyber attack when in fact they are not. Cyber network defense relies on human and computational systems that can reason over multiple individual evidentiary items to detect the presence of meta events, i.e., cyber attacks. Many of these systems aggregate and reason ...
Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games
While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, distributed denial-of-service (DDoS) attacks overload the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be used to launch “physical” denial-of-service attacks ...
Journal title:
- Computers & Security
Volume 37 Issue
Pages -
Publication date 2013