Authors: Tiffany Bao, Milind Tambe, Cliff Wang
Publisher: Springer
Series: Advances in Information Security
Year: 2023
Pages: 252
Language: English
Format: pdf (true)
Size: 10.2 MB
This book introduces recent research results for cyber deception, a promising field for proactive cyber defense. The beauty and challenge of cyber deception is that it is an interdisciplinary research field requiring study from techniques and strategies to human aspects. This book covers a wide variety of cyber deception research, including game theory, Artificial Intelligence, cognitive science, and deception-related technology. Specifically, this book addresses three core elements regarding cyber deception:
- Understanding humans’ cognitive behaviors in decoyed network scenarios
- Developing effective deceptive strategies based on humans’ behaviors
- Designing deceptive techniques that support the enforcement of deceptive strategies
We seek to create deceptive behaviors by leveraging evasion attacks against deep neural networks (DNNs). In particular, we propose to model an attacker as a DNN whose input is a trace of the observable behavior of a defended system. We then attempt evasion attacks that modify the observed behavior of the defended system such that the modified behavior obeys the above constraints: deceiving the attacker (into taking some action other than the action that would compromise the defended system), while remaining compatible with the original intended behavior of the system.
A central challenge in developing strategies for deception is the difficulty of evaluating them: attackers’ behavior is often not well enough understood to evaluate how it would change in response to changes in the behavior of the system under attack. Hence, we develop and evaluate techniques for implementing deception by studying a proxy problem: malware detection.
Modern malware detectors, both academic and commercial, increasingly rely on Machine Learning (ML) to classify executables as benign or malicious based on features such as imported libraries and API calls. In the space of static malware detection, where an executable is classified prior to its execution, recent efforts have proposed deep neural networks (DNNs) that detect malware from binaries’ raw byte-level representation, with effectiveness similar to that of detectors based on hand-crafted features selected through tedious manual processing.
The research introduced in this book identifies the scientific challenges, highlights the complexity and inspires the future research of cyber deception. Researchers working in cybersecurity and advanced-level Computer Science students focused on cybersecurity will find this book useful as a reference. This book also targets professionals working in cybersecurity.
Download Cyber Deception: Techniques, Strategies, and Human Aspects