Intrusions, Deception, and Campaigns

Cyber intrusions consist of cyber attack campaigns, composed of cyber kill chains, which include various cyber attacks, composed of multiple attack steps. A defender aiming to defeat such cyber intrusions, or reduce their impacts, can use cyber-D&D against the attacker. Our analysis reveals opportunities for cyber-D&D at each phase of this cyber intrusion model. In this chapter we examine cyber-D&D options for the various phases of the cyber kill chain, and propose a model for planning, preparing, and executing active defense cyber-D&D operations. The chapter concludes with an examination of how to advance mission goals across intrusion campaigns by developing deception campaigns.

Cyber intrusion tactics and strategies have advanced considerably over the last two decades. Analysts have drawn on empirical observations to formulate high-level models of cyber intrusions. The four-tiered pyramidal model of intrusions in Fig. 3.1 depicts the various granularities of abstraction in such models.