Abstract
Cyber deception can become an essential component of organizing cyber operations in the modern cyber landscape. Cyber defenders and mission commanders can use cyber deception as an effective means for protecting mission cyber assets and ensuring mission success, through deceiving and diverting adversaries during the course of planning and execution of cyber operations and missions. To enable effective integration of cyber deception, it would be necessary to create a systematic design process for building a robust and sustainable deception system with extensible deception capabilities guided by a Command and Control interface compatible with current Department of Defense and civilian cyber operational practices and standards. In this chapter, the authors discuss various design aspects of designing cyber deception systems that meet a wide range of cyber operational requirements and are appropriately aligned with mission objectives. These design aspects include general deception goals, deception design taxonomy, tradeoff analysis, deception design process, design considerations such as modularity, interfaces and effect to cyber defenders, interoperability with current tools, deception scenarios, adversary engagement, roles of deception in cyber kill chains, and metrics such as adversary work factor. The authors expect to present the challenges and opportunities of designing cyber deception systems and to trigger further thoughts and discussions in the broader research community.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
FM101-5_mdmp. “The Military Decision-Making Process”
“THE JOINT OPERATION PLANNING PROCESS FOR AIR,” Last Updated: 09 November 2012
“Command and Control of Joint Air Operations”, Joint Publication 3–30, 10 February 2014
Joint Publication 1–13.4 “Military Deception”, 26 January 2012
“Thwarting Cyber-Attack Reconnaissance with Inconsistency and Deception”, by Neil C. Rowe and Han C. Goh
NIST Pub 800.53, Rev.4 SC26-SC30
CERIAS Tech Report 2015–11 “Using Deception to Enhance Security: A Taxonomy, Model, and Novel Uses”, by Mohammed H. Almeshekah, Center for Education and Research Information Assurance and Security, Perdue University
Joint Publication 3-12(R) “Cyberspace Operations”, 5 Feb 2013
“Cyber Resiliency & Agility – Call to Action”, by Suzanne Hassell, MITRE Resiliency Workshop May 31, 2012
“Planning Cost-Effective Deceptive Resource Denial in Defense to Cyber-Attacks”, by Neil Rowe. In Proceedings of the 2nd International Conference on Information Warfare & Security, page 177. Academic Conferences Limited, 2007
“Cheating and Deception”, by J. Bowyer Bell and Barton Whaley. Transaction Publishers New Brunswick, 1991.
“The Essence of Winning and Losing”, by Boyd, John, R., 28 June 1995.
“Defending Cyberspace with Fake Honeypots”, by Neil Rowe, E. John Custy, and Binh T. Duong. Journal of Computers, 2(2):25–36, 2007.
“Victory and Deceit: Deception and Trickery at War”, by James F. Dunnigan and Albert A. Nofi. Writers Club Press, 2001.
“Confirmation Bias: A Ubiquitous Phenomenon in Many Guises”, by Raymond S. Nickerson. Review of General Psychology, 2(2):175–220, June 1998
“Extensional Versus Intuitive Reasoning: The Conjunction Fallacy in Probability Judgment”, by Amos Tversky and Daniel Kahneman. Psychological review, 90(4):293–315, 1983.
“Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains”, by Eric M. Hutchins, Michael J. Cloppert, and Rohan M. Amin, Leading Issues in Information Warfare & Security Research, 1:80, 2011.
“Fortitude: The D-Day Deception Campaign”, Roger Hesketh. Overlook Hardcover, Woodstock, NY, 2000.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Briskin, G., Fayette, D., Evancich, N., Rajabian-Schwart, V., Macera, A., Li, J. (2016). Design Considerations for Building Cyber Deception Systems. In: Jajodia, S., Subrahmanian, V., Swarup, V., Wang, C. (eds) Cyber Deception. Springer, Cham. https://doi.org/10.1007/978-3-319-32699-3_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-32699-3_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-32697-9
Online ISBN: 978-3-319-32699-3
eBook Packages: Computer ScienceComputer Science (R0)