Find us on
 |
 |
 |
 |
 |
Past Programs
 |
Keynote: Securing IT in Healthcare: Part III |
 |
Keynote: SITH3, Technology-Enabled Remote Monitoring and Support |
 |
Intersection of mHealth and Behavioral Health |
Newsletter
ISTS Information Pamphlet
We examine deception methods for defense of computer systems from various kinds of cyber-attack. Attackers use deception all the time, but only recently has information-security research considered defensive deception. We discuss the various kinds of deception that are effective in cyberspace, and contrast their relative merits for offense and defense. Best known defensively are honeypots, which must use deceits of several kinds to be effective. We discuss our research on honeypots and our new work on "fake honeypots", machines deliberately designed to look like honeypots to scare attackers away. We also discuss deceptive delaying tactics, deceptive packet modifications, and false excuses as ways to stymie or confuse attackers. We show methods for maintaining consistency of deceptions. But deception must be designed with high precision using intrusion-detection methods to minimize damage to legitimate users using the same resources.
Neil C. Rowe is Professor and Coordinator of Research in Computer Science at the U.S. Naval Postgraduate School where he has been since 1983. He has a Ph.D. in Computer Science from Stanford University (1983), and E.E. (1978), S.M. (1978), and S.B. (1975) degrees from the Massachusetts Institute of Technology. His main research interest is the role of deception in information processing, and he has also done research on intelligent access to multimedia databases, image processing, robotic path planning, and intelligent tutoring systems. He is the author of over 130 technical papers and a book.
