
A Framework for Studying Autonomic Computing Models in Cyber Deception


Abstract

Cyber deception has emerged as a promising approach to increase the amount of effort required to conduct an attack campaign. Since the beginning of deception, several honey-based technologies have been built to defend individual portions of a network attack surface. Different honey-based technologies can be combined to further increase attackers’ cost and elicit behaviors from them which facilitate understanding their intentions and capabilities. Combining different deceptive elements would create a deceptive network surface. As attackers vary in their intentions and capabilities, presenting them with a one-size-fits-all deceptive network surface is inadequate. Therefore, there is a clear need for dynamic deceptive network surfaces that are tailored to protect against different adversary classes. In a resource-constrained environment, enabling large-scale monitoring, data processing, and deception planning, and subsequently deploying a customized deceptive network surface in real time, will be challenging if done manually. We envision that models inspired by the autonomic computing paradigm can efficiently tackle such challenges. To enable the development of such models and provide empirical evidence to validate their efficacy, in this chapter, we will present a framework that can act as a common platform to study different autonomic computing models. The framework is built on top of an existing deception platform called ACyDS. We will describe the current platform and enumerate its capabilities, such as sensing the environment and generating deceptive network surfaces. We will also show how a well-known autonomic computing architecture called MAPE-K can be realized through our framework.



Acknowledgements

This research was sponsored by the U.S. Army Research Laboratory and was accomplished under Cooperative Agreement Number W911NF-13-2-0045 (ARL Cyber Security CRA). The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Army Research Laboratory or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation here on.


Corresponding author

Correspondence to Sridhar Venkatesan.


Copyright information

© 2020 Springer Nature Switzerland AG

About this chapter


Cite this chapter

Venkatesan, S., Sugrim, S., Youzwak, J.A., Chiang, CY.J., Chadha, R. (2020). A Framework for Studying Autonomic Computing Models in Cyber Deception. In: Jajodia, S., Cybenko, G., Subrahmanian, V., Swarup, V., Wang, C., Wellman, M. (eds) Adaptive Autonomous Secure Cyber Systems. Springer, Cham. https://doi.org/10.1007/978-3-030-33432-1_5


  • DOI: https://doi.org/10.1007/978-3-030-33432-1_5


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-33431-4

  • Online ISBN: 978-3-030-33432-1

  • eBook Packages: Computer Science, Computer Science (R0)
