Abstract
Deception-based mechanisms are typically used to enhance overall security by causing misperception on adversaries who take actions in favor of defense. The process of creating deception is complex and demands careful planning to maximize the benefits while mitigating potential risks. Advances in creating deception planning processes for cyber security are generally based on military tactics, where deception has a long history. However, the complexity of computer systems demands deception planning processes that fit the needs of integrating deception into traditional software security mechanisms. This paper presents a survey of existing deception planning processes in military and digital realms. The goal of this review is to identify the scope of deception planning models, which tools have been used to plan deception, and how the planning is integrated into other activities in the software development phases. We identified 20 different features in the studies, which we used to compare them. The outcome of this survey can be used to facilitate the understanding of how deception planning has been conducted and supported while identifying potential gaps to be addressed in future research.
Original language | English |
---|---|
Title of host publication | Proceedings of the 2017 17th International Conference on Computational Science and Its Applications, ICCSA 2017 |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
ISBN (Electronic) | 978-153863893-4 |
DOIs | |
Publication status | Published - 1 Aug 2017 |
Event | 17th International Conference on Computational Science and Its Applications, ICCSA 2017 - Trieste, Italy Duration: 3 Jul 2017 → 6 Jul 2017 |
Conference
Conference | 17th International Conference on Computational Science and Its Applications, ICCSA 2017 |
---|---|
Country/Territory | Italy |
City | Trieste |
Period | 3/07/17 → 6/07/17 |
Keywords
- Planning
- Computer security
- Tools
- Databases