Baiting inside attackers using decoy documents

Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering

Volumn 19 LNICST, Issue , 2009, Pages 51-70

  Bowen, Brian M ^a   Hershkop, Shlomo ^a   Keromytis, Angelos D ^a   Stolfo, Salvatore J ^a  

^a Columbia University ^*  (United States)

Author keywords

[No Author keywords available]

Indexed keywords

AUTOMATICALLY GENERATED; DEFENSE MECHANISM; FILE SYSTEMS; HONEYPOTS; INSIDER ATTACK; INSIDER THREAT; MISUSE DETECTION; SENSITIVE INFORMATIONS; USER MODELING;

SECURITY OF DATA; TELECOMMUNICATION NETWORKS;

COMPUTER PRIVACY;

EID: 84885891904     PISSN: 18678211     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-3-642-05284-2_4     Document Type: Conference Paper

References (29)

1. Bell, D.E., LaPadula, L.J.: Secure Computer Systems: Mathematical Foundations, MITRE Corporation (1973)
2. Bell, J., Whaley, B.: Cheating and Deception. Transaction Publishers, New Brunswick (1982)
3. Butler, J., Sherri, S.: Security: Spyware and Rootkits. In: Login, December 2004, vol. 29(6) (2004)
4. Clark, D.D., Wilson, D.R.: A Comparison of Commercial and Military Computer Security Policies. In: IEEE Symposium on Security and Privacy, pp. 184-194 (1987)
5. Demers, A., Gehrke, J., Hong, M., Panda, B., Riedewald, M., Sharma, V., White, W.: Cayuga: A General Purpose Event Monitoring System. In: CIDR, pp. 412-422 (2007)
6. Detristan, T., Ulenspiegel, T., Malcom, Y., Von Underduk, M.S.: Polymorphic Shellcode Engine Using Spectrum Analysis. Phrack 11, 61-69 (2003)
7. Friess, N., Aycock, J.: Black Market Botnets. Department of Computer Science, University of Calgary, TR 2007-873-25 (July 2007)
8. Hoang, M.: Handling Today's Tough Security Threats. Symantec Security Response (2006)
9. The Honeynet Project, http://www.honeynet.org
10. The Honeynet Project, Know Your Enemy: Sebek, A Kernel based data capture tool (November 2003)
11. Honeypot Mailing List, Security Focus, http://www.securityfocus.com/ archive/119
12. Katz, J., Yehuda, L.: Introduction to Modern Cryptography. Chapman and Hall CRC Press, Boca Raton (2007)
13. Kravets, D.: From Riches to Prison: Hackers Rig Stock Prices. Wired Blog Network (September 2008)
14. Krebs, B.: Web Fraud 2.0: Validating Your Stolen Goods. The Washington Post (August 20, 2008)
15. Li, W., Stolfo, S.J., Stavrou, A., Androulaki, E., Keromytis, A.: A Study of Malcode-Bearing Documents. In: Hämmerli, B.M., Sommer, R. (eds.) DIMVA 2007. LNCS, vol. 4579, pp. 231-250. Springer, Heidelberg (2007)
16. Maloof, M., Stephens, G.D.: ELICIT: A System for Detecting Insiders Who Violate Need-to-know. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol. 4637, pp. 146-166. Springer, Heidelberg (2007)
17. McRae, C.M., Vaughn, R.B.: Phighting the Phisher: Using Web Bugs and Honey-tokens to Investigate the Source of Phishing Attacks. In: Proceedings of the 40th Hawaii International Conference on System Sciences (2007)
18. Orbiscom, http://www.orbiscom.com/
19. Richardson, R.: CSI/FBI Computer Crime and Security Survey (2007)
20. Smith, R.M.: Microsoft Word Documents that Phone Home. Privacy Foundation (August 2000)
21. Song, Y., Locasto, M.E., Stavrou, A., Keromytis, A.D., Stolfo, S.J.: On the in-feasibility of modeling polymorphic shellcode. In: Proceedings of the 14th ACM conference on Computer and communications security (CCS 2007), pp. 541-551 (2007)
22. Spitzner, L.: Honeypots: Catching the Insider Threat. In: Proceedings of ACSAC, Las Vegas (December 2003)
23. Spitzner, L.: Honeytokens: The Other Honeypot. Security Focus (2003)
24. Stoll, C.: The Cuckoo's Egg. Doubleday (1989)
25. Symantec. Global Internet Security Threat Report, Trends for July-December 2007 (April 2008)
26. Webb, S., Caverlee, J., Pu, C.: Social Honeypots: Making Friends with a Spammer Near You. In: Proceedings of the Fifth Conference on Email and Anti-Spam (CEAS 2008), Mountain View, CA (August 2008)
27. Ye, N.: Markov Chain Model of Temporal Behavior for Anomaly Detection. In: Proceedings of the 2000 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, NY, June 2000, pp. 171-174 (2000)
28. Yuill, J., Denning, D., Feer, F.: Using Deception to Hide Things from Hackers: Processes, Principles, and Techniques. Journal of Information Warfare 5(3), 26-40 (2006)
29. Yuill, J., Zappe, M., Denning, D., Feer, F.: Honeyfiles: Deceptive Files for Intrusion Detection. In: Proceedings of the 2004 IEEE Workshop on Information Assurance, United States Military Academy, West Point, NY, June 2004, pp. 116-122 (2004)