TY - JOUR
T1 - Multi-paradigm deception modeling for cyber defense
AU - de Faveri, Cristiano
AU - Moreira, Ana
AU - Amaral, Vasco
N1 - CAPES foundation (Ref. 0553-14-0)
NOVA LINCS Research Laboratory (Ref. UID/CEC/04516/ 2013)
PY - 2018/7/1
Y1 - 2018/7/1
N2 - Security-critical systems demand multiple well-balanced mechanisms to detect ill-intentioned actions and protect valuable assets from damage while keeping costs in acceptable levels. The use of deception to enhance security has been studied for more than two decades. However, deception is still included in the software development process in an ad-hoc fashion, typically realized as single tools or entire solutions repackaged as honeypot machines. We propose a multi-paradigm modeling approach to specify deception tactics during the software development process so that conflicts and risks can be found in the initial phases of the development, reducing costs of ill-planned decisions. We describe a metamodel containing deception concepts that integrates other models, such as a goal-oriented model, feature model, and behavioral UML models to specify static and dynamic aspects of a deception operation. The outcome of this process is a set of deception tactics that is realized by a set of deception components integrated with the system components. The feasibility of this multi-paradigm approach is shown by designing deception defense strategies for a students’ presence control system for the Faculty of Science and Technology of Universidade NOVA de Lisboa.
AB - Security-critical systems demand multiple well-balanced mechanisms to detect ill-intentioned actions and protect valuable assets from damage while keeping costs in acceptable levels. The use of deception to enhance security has been studied for more than two decades. However, deception is still included in the software development process in an ad-hoc fashion, typically realized as single tools or entire solutions repackaged as honeypot machines. We propose a multi-paradigm modeling approach to specify deception tactics during the software development process so that conflicts and risks can be found in the initial phases of the development, reducing costs of ill-planned decisions. We describe a metamodel containing deception concepts that integrates other models, such as a goal-oriented model, feature model, and behavioral UML models to specify static and dynamic aspects of a deception operation. The outcome of this process is a set of deception tactics that is realized by a set of deception components integrated with the system components. The feasibility of this multi-paradigm approach is shown by designing deception defense strategies for a students’ presence control system for the Faculty of Science and Technology of Universidade NOVA de Lisboa.
KW - Deception
KW - Model-driven
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85044574554&partnerID=8YFLogxK
U2 - 10.1016/j.jss.2018.03.031
DO - 10.1016/j.jss.2018.03.031
M3 - Article
AN - SCOPUS:85044574554
SN - 0164-1212
VL - 141
SP - 32
EP - 51
JO - Journal of Systems and Software
JF - Journal of Systems and Software
ER -