Defending cyberspace with fake honeypots

Journal of Computers (Finland)

Volumn 2, Issue 2, 2007, Pages 25-36

  Rowe, Neil C ^a   Custy, E John ^b   Duong, Binh T ^b  

^a NAVAL POSTGRADUATE SCHOOL   (United States)

^b Navigation and Applied Sciences Department   (United States)

Author keywords

Deception; Defense; Honeypots; Intrusion detection systems; Signatures

Indexed keywords

NETWORK SECURITY;

DECEPTION; DEFENSE; HONEYPOTS; INTRUSION DETECTION SYSTEMS; SIGNATURES;

INTRUSION DETECTION;

EID: 70449122071     PISSN: 1796203X     EISSN: None     Source Type: Journal    
DOI: 10.4304/jcp.2.2.25-36     Document Type: Article

References (31)

1. The Honeynet Project, Know Your Enemy: Learning about Security Threats, Second Edition. Boston, MA: Addison-Wesley, 2004.
2. M. Vrable, J. Ma, J. Chen, D. Moore, E Vadekieft, A. Snoeren, G. Voelker, and S. Savage, "Scalability, fidelity, and containment in the Potemkin Virtual Honeyfarm", Proc. ACM Symposium on Operating Systems Principles, Brighton UK, 148-162, 2005.
3. B. McCarty, "The honeynet arms race," IEEE Security and Privacy, 1(6), pp. 79-82, November/December 2003.
4. C. V. Ford, Lies! Lies!! Lies!!! The Psychology of Deceit. Washington, DC: American Psychiatric Press, 1996.
5. P. Sztompka, Trust. London, UK: Cambridge University Press, 1999.
6. W. Tirenin and D. Faatz, "A concept for strategic cyber defense," Proc. Conf. on Military Communications, Atlantic City, NJ, Vol. 1, pp. 458-463, October 1999.
7. J. Bell, and B. Whaley, Cheating and Deception. New Brunswick, NJ: Transaction Publishers, 1991.
8. J. Dunnigan and A. Nofi, Victory and Deceit, second edition: Deception and Trickery in War. San Jose, CA: Writers Club Press, 2001.
9. N. Rowe, "A taxonomy of deception in cyberspace," International Conference on Information Warfare and Security, Princess Anne, MD, pp. 173-181, March 2006.
10. N. Krawetz, "Anti-honeypot technology," IEEE Security and Privacy, 2(1), pp. 76-79, Jan.-Feb. 2004.
11. X. Fu, W. Yu, D. Cheng, X. Tan, K. Streff, & S. Graham, "On recognizing virtual honeypots and countermeasures," Proc. 2nd IEEE International Symposium on Dependable, Autonomic, and Secure Computing, Indianapolis, Indiana, pp. 211-218, September 2006.
12. M. Dornseif, T. Holz, and C. Klein, "NoSEBrEaK - attacking honeynets," Proc. IEEE Workshop on Information Assurance and Security, West Point, NY, 1555, June 2004.
13. T. Holz and F. Raynal, "Detecting honeypots and other suspicious environments," Proc. 6th SMC Information Assurance Workshop, West Point, NY, pp. 29-36, June 2005.
14. N. Rowe, "Measuring the effectiveness of honeypot counter-counterdeception," Proc. 39th Hawaii International Conference on Systems Sciences, Poipu, HI, January 2006.
15. C. Zou, and R. Cunningham, "Honeypot-aware advanced botnet construction and maintenance," Proc. International Conf. on Dependable Systems and Networks, pp. 199-208, June 2006.
16. M. Belmonte, R. Conejo, J. Perez-De-La-Cruz, and F. Triguero, "Experiments on robustness and deception in a coalition formation model," Concurrency and Computation: Practice & Experience, Vol. 18, no. 4, pp. 371-386. 2006.
17. D. Christian and R. C. Young, "Strategic deception in agents," Proc. 3rd Intl. Joint Conference on Autonomous Agents and Multiagent Systems, New York, NY, pp. 218-226, 2004.
18. W. Hutchinson and M. Warren, Information Warfare: Corporate Attack and Defense in a Digital World, London: Butterworth-Heinemann, 2001.
19. A. Vrij, Detecting Lies and Deceit: The Psychology of Lying and the Implications for Professional Practice, Chichester, UK: Wiley, 2000.
20. R. J. Heuer, "Cognitive factors in deception and counterdeception," in Strategic Military Deception, ed. Daniel, D., & Herbig, K., New York: Pergamon, 1982, pp. 31-69.
21. E. Santos and G. Johnson, "Toward Detecting Deception in Intelligent Systems," Proc. SPIE Defense & Security Symposium, Vol. 5423, Orlando, Florida, 2004.
22. S. Grazioli and A. Wang, "Looking without seeing: understanding unsophisticated consumers' success and failure to detect Internet deception," Proc. 22nd Intl. Conf. on Information Systems, pp. 193-204, 2001.
23. th Hawaii Intl. Conf. on System Sciences, Honolulu, HI, 44.1, 2003.
24. T. Cover and J. Thomas, Elements of Information Theory, 2nd Ed. New York: Wiley, 2006.
25. S. Gerwehr, J. Rothenberg, and R. H. Anderson, "An arsenal of deceptions for INFOSEC," Project Memorandum, National Defense Research Institute, Rand Corp., PM-1167-NSA, October 1999.
26. S. Kaza, S. Murthy, and G. Hu, "Identification of deliberately doctored text documents using frequent keyword chain (FKC) model," Proc. IEEE Intl. Conf. on Information Reuse and Integration, October 2003, pp. 398-405.
27. G. Klein, Sources of Power: How People Make Decisions. Cambridge, MA: MIT Press, 1999.
28. B. T. Duong, "Comparisons of attacks on honeypots with those on real networks," M.S. thesis, Naval Postgraduate School, www.cs.nps.navy.mil/people/faculty/rowe/oldstudents/duong_thesis_final.htm, March 2006.
29. N. C. Rowe, H.-C. Goh, S. L. Lim, and B. T. Duong, "Experiments with a testbed for automated defensive deception planning for cyber-attacks," 2nd International Conference in I-Warfare and Security, Monterey CA, USA, March 2007.
30. R. Pang, V. Yegneswaran, P. Barford, V. Paxson, and L. Peterson, "Characteristics of Internet background radiation," Proc. 4th ACM SIGCOMM Conference on Internet Measurement, Taormina, IT, pp. 27-40, 2004.
31. J. Zdziarski, Ending Spam: Bayesian Content Filtering and the Art of Statistical Language Classification. San Francisco: No Starch Press, 2005.