CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
CERIAS Logo
Purdue University
Center for Education and Research in Information Assurance and Security

Use of Deception and Misdirection in Cyber Defense

Principal Investigator: Gene Spafford

Deception and falsehoods have long been used in security, with such oft-used techniques as decoys, false flag operations, and double agents.  Use of these mechanisms in cyber security have also been around for some time, with the use of honeypots (for example).  However, the mantra of "No security through obscurity" has perhaps steered people from possibilities.

We have developed a formal classification of deception and obfuscation techniques, and study how to develop new ones for the purpose of cyber defense.

 We have developed a mechanism for covert signalling doubt in veracity during remote logins.  We have built a mechanism to defend against anti-foensic tools and botnets, and investigated the utility of obfuscating patches to hide vulnerabilities.

 

We expect to develop some other methods as we continue the process.

Personnel

Other PIs: Mike Atallah Saurabh Bagchi

Other Faculty: Mohammed Almeshekah (King Saud University)

Students: Jeffery Avery (graduated) Christopher Guiterrez (graduated)

Representative Publications

  • Avery, J., & Spafford, E. H. (2017, May). Ghost Patches: Fake Patches for Fake Vulnerabilities. In IFIP International Conference on ICT Systems Security and Privacy Protection (pp. 399-412). Springer, Cham.

  • Using Deceptive Information in Information Security Defenses; by M. Almeshekah and E. H. Spafford; in International Journal of Cyber Warfare and Terrorism(IJCWT), 4 (3), 46-58, July-September 2014, IGI Global.

  • Planning and Integrating Deception into Computer Systems Defenses; by M. Almeshekah and E. H. Spafford; in Proceedings of the New Security Paradigms Workshop (NSPW); 2014.

  • Covert Channels Can Be Useful! --Layering Authentication Channels to Provide Covert Communication; by M. Almeshekah, M. Atallah and E. Spafford; in Proceedings of the 21st International Workshop on Security Protocols; F. Stajano and J. Anderson, eds.; published and \copyright in 2013 by Springer-Verlag.

  • Enhancing Passwords Security using Deceptive Covert Communication, M. Almeshekah, M. Atallah and E. H. Spafford, International Conference on ICT Systems Security and Privacy Protection, IFIP SEC’15, May 26-28, 2015, Hamburg, Germany 

  •  The Case of Using Negative (Deceiving) Information in Data Protection; M. Almeshekah and E. H. Spafford; 9th International Conference on Cyber Warfare and Security (ICCWS); 2014.

     

Keywords: access control, deception, defense, duress, honeypots, honeytokens