Multi-paradigm deception modeling for cyber defense

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

Security-critical systems demand multiple well-balanced mechanisms to detect ill-intentioned actions and protect valuable assets from damage while keeping costs in acceptable levels. The use of deception to enhance security has been studied for more than two decades. However, deception is still included in the software development process in an ad-hoc fashion, typically realized as single tools or entire solutions repackaged as honeypot machines. We propose a multi-paradigm modeling approach to specify deception tactics during the software development process so that conflicts and risks can be found in the initial phases of the development, reducing costs of ill-planned decisions. We describe a metamodel containing deception concepts that integrates other models, such as a goal-oriented model, feature model, and behavioral UML models to specify static and dynamic aspects of a deception operation. The outcome of this process is a set of deception tactics that is realized by a set of deception components integrated with the system components. The feasibility of this multi-paradigm approach is shown by designing deception defense strategies for a students’ presence control system for the Faculty of Science and Technology of Universidade NOVA de Lisboa.

Original languageEnglish
Pages (from-to)32-51
Number of pages20
JournalJournal of Systems and Software
Volume141
DOIs
Publication statusPublished - 1 Jul 2018

Keywords

  • Deception
  • Model-driven
  • Security

Fingerprint Dive into the research topics of 'Multi-paradigm deception modeling for cyber defense'. Together they form a unique fingerprint.

  • Cite this