Visible to the public Biblio

Found 212 results

2021-10-21
Xu, Lei, Chen, Lin, Gao, Zhimin, Chang, Yanling, Iakovou, Eleftherios, Shi, Weidong.  2018.  Binding the Physical and Cyber Worlds: A Blockchain Approach for Cargo Supply Chain Security Enhancement. 2018 IEEE International Symposium on Technologies for Homeland Security (HST). :1-5.
Maritime transportation plays a critical role for the U.S. and global economies, and has evolved into a complex system that involves a plethora of supply chain stakeholders spread around the globe. The inherent complexity brings huge security challenges including cargo loss and high burdens in cargo inspection against illicit activities and potential terrorist attacks. The emerging blockchain technology provides a promising tool to build a unified maritime cargo tracking system critical for cargo security. However, most existing efforts focus on transportation data itself, while ignoring how to bind the physical cargo movements and information managed by the system consistently. This can severely undermine the effectiveness of securing cargo transportation. To fulfill this gap, we propose a binding scheme leveraging a novel digital identity management mechanism. The digital identity management mechanism maps the best practice in the physical world to the cyber world and can be seamlessly integrated with a blockchain-based cargo management system.
2021-10-20
2019-09-26
Michail Tsikerdekis, Sherali Zeadally.  2014.  Online Deception in Social Media. UKnowledge - University of Kentucky.

This article talks about online deception, deception to them is considered as a deliberate act with the intent to mislead others while the recipients are not made aware or expect that such an act is taking place and that the goal of the deceiver is to transfer that false belief to the deceived ones. Understanding how online deception works through social media and future technologies remains a significant challenge. To address this challenge one needs to design social media applications with various rules and norms that our traditional physical space does not have.

Daniel Fraunholz, Simon Duque Anton, Christoph Lipps, Daniel Reti, Daniel Krohmer, Frederic Pohl, Matthias Tammen, Hans Dieter Schotten.  2018.  Demystifying Deception Technology: A Survey. Arxiv.

It was concluded that deception technology  is a beneficial extension for traditional IT- security. Emphasis was placed on requirement categories, such as psychological, formal, legal and ethical, as well as on recent trends, such as VMI and the field of industrial and critical infrastructure security. 

Abdul Rahman.  2019.  Tricking attackers through the art of deception. Help Net Security.

In cybersecurity, deception is redundant if it cannot misdirect, confuse, and lure attackers into traps and dead-ends. It is the art of tricking attackers into overextending and exposing themselves. To deceive attackers, an organization’s security team must see things from the adversary’s perspective.

Varun Haran.  2017.  Deception Technology: A Primer. Information Security Media Group.

Virtualizations, machine learning and other technologies have allowed individuals to scale and solve the problem of managing these deception decoys. Virtualization, machine learning, and other technologies have been the shift as to why one can now operationalize deception in their environment, as opposed to earlier, where one could do it, but it was a real challenge to keep up with.

[Anonymous].  2019.  Deception Technology—Useful Tool or Just More Busywork? Cyber Defense Magazine.

This article talks about the pros and cons of using deception technology. Deception technology can be useful for detecting an intruder before a breach happens, but it is not a set-it-and-forget-it purchase.

Laurence Pitt.  2018.  Misleading Cyber Foes with Deception Technology. Dark Reading.

In addition to luring attackers away from your real assets, deception tools trick attackers into revealing their hands early. With deception systems, there is no question of false positives and false alerts. 

[Anonymous].  2019.  How Deception Technology Helps CISOs Meet the Challenges of Cyber security. 2019:Blog.

It must be said that not all deception technology is equal. There are many different approaches to the steps required to identify threat actors, and through the use of deception, prevent a breach by moving them out of the production environment and into the deception platform

[Anonymous].  2019.  Cybersecurity Deception Technology. :BlogPost.

The effective deployment of deception technology still requires the fundamentals foundations of cybersecurity to be in place. Without network segmentation, proper access control, security systems and reporting – deception technology alone will add little value.

Dave Bernard.  2018.  Deception technology applied to pharma cybersecurity. Search Health IT.

Due to the increase in use of automation and virtualization, deception technology may make inroads into healthcare. This article is about one pharmaceutical company's approach to using the deception technology.

Doron Kolton.  2018.  5 ways deception tech is disrupting cybersecurity. The Next Web.

Enterprises and their Security Operations Centers (SOCs) are under siege. Security events are being triggered from all corners of the security stack – from the firewall, endpoints, and servers, from intrusion detection systems and other security solutions.

Here are the five ways deception tech is disrupting cybersecurity:
•    Maximum accuracy with minimal human investment
•    Get personal with your business
•    Ensure a post-breach defense for any type of attack
•    Triggers threat hunting operations
•    Empowers organizations towards strategy and active defense
 

Dan Woods.  2018.  How Deception Technology Gives You The Upper Hand In Cybersecurity. Forbes.

Deception technology gives defenders a rare advantage against attackers by doing something that other forms of cybersecurity don’t, it provides early and accurate detection by laying a minefield of attractive decoy systems and content to trip up attackers.

Carolyn Crandall.  2016.  The ins and outs of deception for cyber security. Network World.

New deception technologies bring a heightened level of aggressiveness in addressing cyberattacks.  Dynamic deception steps in, when prevention systems fail, and provides organizations with an efficient way to continuously detect intrusions with high interaction traps, engagement servers, and luring techniques to engage attackers. It does this without requiring additional IT staff to manage the solution.

Dave Climek, Anthony Macera, Walt Tirenin.  2016.  Cyber Deception. Cyber Security and Information Systems Information Analysis Center Journal. 4(1)

Defense through deception can potentially level the cyber battlefield by altering an enemy’s perception of reality through delays and disinformation which can reveal attack methods and provide the attributions needed to identify the adversary’s strategy

Maria Korolov.  2016.  Deception technology grows and evolves. CSO Online.

Deception technologies such as honeypots are becoming increasingly popular with enterprises as the products get more flexible and the tools allow security analysts swamped with incident reports to zero in on cases of actual ongoing infiltration.  According to a report released in August by research firm Technavio, the deception technology market is growing at a compound annual growth rate of 9 percent, and is predicted to reach $1.33 billion by 2020.

Edward Amoroso.  2018.  Deception technology: Authenticity and why it matters. Help Net Security.

This article is the second in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo Networks. The article provides an overview of the central role that authenticity plays in the establishment of deception as a practical defense and cyber risk reduction measure.

The primary functional computing requirements for achieving authenticity in deployed deception can be listed as follows: Interface, Performance, Content, Access, and Behavior.
 

[Anonymous].  2015.  Cybersecurity 101: An Introduction to Cyber Deception Technology. Illusive Networks. 2015

Deception technology is an outside-the-box cybersecurity approach that aims to turn the current paradigm on its head – from reactionary to proactive defense.Traditional, signature-based security measures continue to fall prey to sophisticated zero-day attacks and advanced persistent threats, despite the fact that companies are spending upwards of $3 million per year on information security. It’s time for organizations to get proactive, and use deception technology to enhance the way they architect a comprehensive security strategy. The article presents 4 Things Every CISO Must Know About Deception Cybersecurity.

[Anonymous].  2017.  What is Deception Technology? Force Point.

The aim of deception technology is to prevent a cybercriminal that has managed to infiltrate a network from doing any significant damage. The technology works by generating traps or deception decoys that mimic legitimate technology assets throughout the infrastructure.

[Anonymous].  2017.  Deception Technology: New Dimension For Defense-In-Depth. Security Community.

The Deception technology enhances both Network and Cyber Security into a more effective security strategy by reducing the false positives, profiling the attack, attacker and the ways of attack. 

2019-09-25
Edward Amoroso.  2018.  An introduction to deception technology. Help Net Security.

The evolution of modern enterprise networking has progressed to the point where two conditions make deception an important and urgent control to introduce to a target environment now: Inevitability of attacks and Context-awareness of attacks.

Andrew Bushby.  2019.  How deception can change cyber security defences. Science Direct. 2019(1):12-14.

Deception technology is used to lure, detect and defend against attacks. Deception technology should be used within organizations. There are five ways that deception technology is changing the cyber security landscape.

Mark Rockwell.  2019.  Sandia digs deeper into its cyber deception sandbox. GCN.

Sandia National Laboratory’s virtual cybersecurity sandbox environment, called HADES (High fidelity Adaptive Deception & Emulation System), applies deceptive techniques. HADES lures hackers into the simulated virtual environment, which includes replicated virtual real hard drives, memory, and data sets. Sandia analysts can then analyze the hackers in real-time.

Linda Musthaler.  2016.  Virtual environments make it easy to deploy deception technology. Network World.

Usage of virtual machines is one of the ways in which cyber deception is enabled. TrapX Security’s DeceptionGrid solution make uses of virtual machines to lure and trap attackers. Within the virtual environment, an attacker’s actions and techniques can be further analyzed and used to defend against them.  

Andy Greenberg.  2018.  Russian Hacker False Flags Work - Even After They're Exposed. Wired.

Hackers often perform deception through the use of false flag operations. False flags allow nation-state actors to pose as others in order to further complicate attribution. Russian hackers planted destructive malware, called the "Olympic Destroyer", which contained code deriving from other well-known attacks launched by different hacking groups. This discovery highlights the evolution of deceptive tactics used by hackers.