
Deep Down the Rabbit Hole: On References in Networks of Decoy Elements

by Daniel Reti, et al.

Deception technology has proven to be a sound approach against threats to information systems. Aside from well-established honeypots, decoy elements, also known as honeytokens, are an excellent method to address various types of threats. Decoy elements cause distraction and uncertainty for an attacker and help detect malicious activity. Deception is meant to complement firewalls and intrusion detection systems. Insider threats in particular may be mitigated with deception methods. While current approaches consider the use of multiple decoy elements as well as context-sensitivity, they do not sufficiently describe the relationships between individual elements. In this work, inter-referencing decoy elements are introduced as a plausible extension to existing deception frameworks, leading attackers along a path of decoy elements. A theoretical foundation is introduced, as well as a stochastic model and a reference implementation. It was found that the proposed system is suitable for enhancing current decoy frameworks by adding a further dimension of inter-connectivity, thereby improving intrusion detection and prevention.



