Deception planning models for cyber security

Cristiano De Faveri, Ana Moreira, Eric Souza

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Citations (Scopus)

Abstract

Deception-based mechanisms are typically used to enhance overall security by causing misperception on adversaries who take actions in favor of defense. The process of creating deception is complex and demands careful planning to maximize the benefits while mitigating potential risks. Advances in creating deception planning processes for cyber security are generally based on military tactics, where deception has a long history. However, the complexity of computer systems demands deception planning processes that fit the needs of integrating deception into traditional software security mechanisms. This paper presents a survey of existing deception planning processes in military and digital realms. The goal of this review is to identify the scope of deception planning models, which tools have been used to plan deception, and how the planning is integrated into other activities in the software development phases. We identified 20 different features in the studies, which we used to compare them. The outcome of this survey can be used to facilitate the understanding of how deception planning has been conducted and supported while identifying potential gaps to be addressed in future research.

Original languageEnglish
Title of host publicationProceedings of the 2017 17th International Conference on Computational Science and Its Applications, ICCSA 2017
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
ISBN (Electronic)978-153863893-4
DOIs
Publication statusPublished - 1 Aug 2017
Event17th International Conference on Computational Science and Its Applications, ICCSA 2017 - Trieste, Italy
Duration: 3 Jul 20176 Jul 2017

Conference

Conference17th International Conference on Computational Science and Its Applications, ICCSA 2017
Country/TerritoryItaly
CityTrieste
Period3/07/176/07/17

Keywords

  • Planning
  • Computer security
  • Tools
  • Databases

Fingerprint

Dive into the research topics of 'Deception planning models for cyber security'. Together they form a unique fingerprint.

Cite this