BROWSE
Detail
Journal Article
Secure Cyber Deception Architecture and Decoy Injection to Mitigate the Insider Threat
- Authors
- Kyungmin Park, Samuel Woo, Daesung Moon, Hoon Choi
- Issue Date
- 2018-01
- Citation
- Symmetry, v.10, no.1, pp.1-16
- ISSN
- 2073-8994
- Publisher
- MDPI AG
- Language
- English
- Type
- Journal Article
- Abstract
- We propose a novel dynamic host mutation (DHM) architecture based on moving target defense (MTD) that can actively cope with cyberattacks. The goal of the DHM is to break the cyber kill chain, expand the attack surface to increase the attacker's target analysis cost, and disrupt the attacker's fingerprinting to disable the server trace. We define the participating entities that share the MTD policy within the enterprise network or the critical infrastructure, and define functional modules of each entity for DHM enforcement. The threat model of this study is an insider threat of a type not considered in previous studies. We define an attack model considering an insider threat and propose a decoy injection mechanism to confuse the attacker. In addition, we analyze the security of the proposed structure and mechanism based on the security requirements and propose a trade-off considering security and availability.
- KSP Keywords
- Attack Surface, Critical Infrastructure, Cyber deception, Functional Modules, Injection mechanism, Insider Threat, Kill Chain, Moving Target Defense, Security requirements, Target analysis, Threat model
This work is distributed under the term of Creative Commons License (CCL)
(CC BY)
(CC BY)
