Designing Adaptive Deception Strategies

Cristiano de Faveri, Ana Moreira

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

5 Citations (Scopus)

Abstract

Deception-based defense is the process by which actions are intentionally employed to cause misrepresentation and induce erroneous inferences on attackers. Deception can be employed in different levels of computation, from network to application-level, which demands careful planning and coordination between multiple strategies and tactics. Despite of advances on using deception in computer defenses, ad-hoc approaches are still used for their design. As a result, deception is realized essentially as single tools or as entire solutions repackaged as honeypot machines. In this paper, we propose a model to specify coordinated deception tactics based on adaptive architectures. Our contributions rely on a deception-based defense life-cycle approach integrated in a software design process, including a model to specify coordinated deception strategies. The feasibility of the proposed approach is shown via an example where a deception strategy is designed for a smartphone application that synchronizes data with a central database.

Original languageEnglish
Title of host publicationProceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion (QRS-C 2016)
PublisherIEEE
Pages77-84
Number of pages8
ISBN (Electronic)978-150903713-1
DOIs
Publication statusPublished - 21 Sep 2016
Event2nd IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016 - Vienna, Austria
Duration: 1 Aug 20163 Aug 2016

Conference

Conference2nd IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016
CountryAustria
CityVienna
Period1/08/163/08/16

Keywords

  • computer security
  • deception
  • software design

Fingerprint

Dive into the research topics of 'Designing Adaptive Deception Strategies'. Together they form a unique fingerprint.

Cite this