论文信息 - A Framework for Intrusion Deception on Web Servers

A Framework for Intrusion Deception on Web Servers

Threats against computer systems continue to multiply, but existing security solutions that attempt to keep the attacker out of the system are becoming unable to keep pace with these challenges. In this paper we discuss the application of military deception to defend computer systems. Deception techniques enable the defender to influence the attacker's selection of targets and thus direct him to perform actions that reveal his presence and intentions. We discuss techniques that mislead attackers and cause them to take specific actions that aid in the defense of a computer system. We then focus on web servers, that are frequently attacked often as a first step of a deeper intrusion into a computer network, and present an architecture integrating deception into a popular web server.

Constantine Katsinis | Brijesh Kumar

[1] Matt Bishop,et al. Inconsistency in deception for defense , 2006, NSPW '06.

[2] N. Rowe. Deception in defense of computer systems from cyber-attack , 2007 .

[3] Neil C. Rowe,et al. Two Taxonomies of Deception for Attacks on Information Systems , 2004 .

[4] James Bret Michael,et al. Intelligent Software Decoys , 2001 .

[5] Salvatore J. Stolfo,et al. BotSwindler: Tamper Resistant Injection of Believable Decoys in VM-Based Hosts for Crimeware Detection , 2010, RAID.

[6] Nick Kew. The Apache Modules Book: Application Development with Apache , 2007 .

[7] Fred Cohen,et al. Leading attackers through attack graphs with deceptions , 2003, Comput. Secur..

[8] T. Holz,et al. Detecting honeypots and other suspicious environments , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[9] Mikhail Auguston,et al. AN EXPERIMENT IN SOFTWARE DECOY DESIGN Intrusion Detection and Countermeasures via System Call Instrumentation , 2003 .

[10] James Bret Michael,et al. On the response policy of software decoys: Conducting software-based deception in the cyber battlespace , 2002, Proceedings 26th Annual International Computer Software and Applications.

[11] Salvatore J. Stolfo,et al. Bait and Snitch: Defending Computer Systems with Decoys , 2013 .