상세정보
학술지
Secure Cyber Deception Architecture and Decoy Injection to Mitigate the Insider Threat
- 발행일
- 201801
- 출처
- Symmetry, v.10 no.1, pp.1-16
- ISSN
- 2073-8994
- 출판사
- MDPI AG
- 협약과제
- 17HH4100, 능동적 사전보안을 위한 사이버 자가변이 기술 개발, 문대성
- 초록
- We propose a novel dynamic host mutation (DHM) architecture based on moving target defense (MTD) that can actively cope with cyberattacks. The goal of the DHM is to break the cyber kill chain, expand the attack surface to increase the attacker's target analysis cost, and disrupt the attacker's fingerprinting to disable the server trace. We define the participating entities that share the MTD policy within the enterprise network or the critical infrastructure, and define functional modules of each entity for DHM enforcement. The threat model of this study is an insider threat of a type not considered in previous studies. We define an attack model considering an insider threat and propose a decoy injection mechanism to confuse the attacker. In addition, we analyze the security of the proposed structure and mechanism based on the security requirements and propose a trade-off considering security and availability.
- KSP 제안 키워드
- Attack Surface, Critical Infrastructure, Cyber deception, Injection mechanism, Insider Threat, Kill chain, Moving Target Defense, Security requirements, Target analysis, Threat model, Trade-off
본 저작물은 크리에이티브 커먼즈 저작자 표시 (CC BY) 조건에 따라 이용할 수 있습니다.
