Yukio Aoike, Masaki Kamizono, Masashi Eto, Noriko Matsumoto, N. Yoshida
{"title":"没有可用性退化的基于诱饵文件的欺骗","authors":"Yukio Aoike, Masaki Kamizono, Masashi Eto, Noriko Matsumoto, N. Yoshida","doi":"10.1109/CSDE53843.2021.9718420","DOIUrl":null,"url":null,"abstract":"Cyber attacks are getting more and more sophisticated these days, and it is getting much more difficult to prevent attackers from intruding into organization networks thoroughly. Therefore, we have to consider interior countermeasures under the assumption of potential intrusion and attacks. Deception is one of such countermeasures, and getting regarded more important. We provide fake but plausible information in the form of decoy files and servers as if they would be true so as to deceive intruders. Deception helps intrusion detection, and attack retardation. However, such fake information mixed among true information may make legitimate operators and users confused, and degrades usability severely. This paper aims at retaining the usability even in deception, focusing on the case of decoy file installation in particular. We introduce a mechanism to hide decoy files for legitimate users’ file browsers and explorers, and present how it retains usability for legitimate users while maintaining deception effects to attackers.","PeriodicalId":166950,"journal":{"name":"2021 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE)","volume":"25 6","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Decoy-File-Based Deception without Usability Degradation\",\"authors\":\"Yukio Aoike, Masaki Kamizono, Masashi Eto, Noriko Matsumoto, N. Yoshida\",\"doi\":\"10.1109/CSDE53843.2021.9718420\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyber attacks are getting more and more sophisticated these days, and it is getting much more difficult to prevent attackers from intruding into organization networks thoroughly. Therefore, we have to consider interior countermeasures under the assumption of potential intrusion and attacks. Deception is one of such countermeasures, and getting regarded more important. We provide fake but plausible information in the form of decoy files and servers as if they would be true so as to deceive intruders. Deception helps intrusion detection, and attack retardation. However, such fake information mixed among true information may make legitimate operators and users confused, and degrades usability severely. This paper aims at retaining the usability even in deception, focusing on the case of decoy file installation in particular. We introduce a mechanism to hide decoy files for legitimate users’ file browsers and explorers, and present how it retains usability for legitimate users while maintaining deception effects to attackers.\",\"PeriodicalId\":166950,\"journal\":{\"name\":\"2021 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE)\",\"volume\":\"25 6\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-12-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSDE53843.2021.9718420\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSDE53843.2021.9718420","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Decoy-File-Based Deception without Usability Degradation
Cyber attacks are getting more and more sophisticated these days, and it is getting much more difficult to prevent attackers from intruding into organization networks thoroughly. Therefore, we have to consider interior countermeasures under the assumption of potential intrusion and attacks. Deception is one of such countermeasures, and getting regarded more important. We provide fake but plausible information in the form of decoy files and servers as if they would be true so as to deceive intruders. Deception helps intrusion detection, and attack retardation. However, such fake information mixed among true information may make legitimate operators and users confused, and degrades usability severely. This paper aims at retaining the usability even in deception, focusing on the case of decoy file installation in particular. We introduce a mechanism to hide decoy files for legitimate users’ file browsers and explorers, and present how it retains usability for legitimate users while maintaining deception effects to attackers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
