Over the years, malicious entities in cyber-space have grown smarter and resourceful. For defenders to stay abreast of the increasingly sophisticated attacks, the need is to understand these attacks. In this paper, we study the current trends in security attacks and present a threat model that encapsulates their sophistication. Survivability is difficult to achieve because of its contradictory requirements. It requires that a critical system survives all attacks (including zero-day attacks), while still conserving the timeliness property of its mission. We recognize deception as an important tool to resolve this conflict. The proposed deception-based framework predicts an attacker’s intent in order to design a stronger and more effective recovery; hence strengthening system survivability. Each design choice is supported by evidence and a detailed review of existing literature. Finally, we discuss the challenges in implementing such a framework and the directions that can be taken to overcome them.

1. A Deception Framework for Survivability
Against Next Generation Cyber Attacks
Ruchika Mehresh and Shambhu Upadhyaya
Department of Computer Science and Engineering,
University at Buffalo, Buffalo, NY 14260
1

2. Motivation
The Asymmetric warfare
Kind of sophisticated attacks happening lately:
 Botnets, command and control
 Operation Aurora
 Stuxnet
3

3. Problem Statement
How to enable critical systems to survive the
next-generation of sophisticated attacks
Deception
4

4. Introduction
• Survivability is the ability of a system to perform
its mission (essential operations) in presence of
attacks, faults or accidents
• Focus on how to survive an attack
– Does not focus on source or type of attack
5

5. Introduction
• Survivability involves four phases:
– Prevention against faults/attacks
– Detection of faults/attacks
– Recovery from faults/attacks
– Adaptation/Evolution to avoid future attacks
• Timeliness property
6

6. Introduction
 Next-generation attack assessment
 Formal requirements
 Deception as a tool of defense
 Proposed framework
7

7. Underlying pattern in
sophisticated attacks [6]
Solution
Features:
1. Multi-shot
2. Stealth
3. Contingency plan
8

8. Formal system requirements
 Recognizing the smart adversary
 Prevention
 Surreptitious detection
 Effective recovery with adaptation
 Zero-day attacks
9

9. Formal system requirements
 Conserving timeliness property
 Non-verifiable deception
10

10. Deception as tool of defense
• Preventive deception
– Hiding, Distraction, Dissuasion
• Detection
– Honeypot farm
• Recovery
– Concealing the detection till an effective patch has
been worked out
11

11. Framework
12

12. Work in progress
• Design issues
• Controlling the feedback loop
• Smart-box design
– Assess the nature of the traffic flow
– Map AIOS to a honeypot
13

13. Conclusion
• Deception based survivability solution against
sophisticated attacks
• Dealing with zero-day attacks while conserving
timeliness property
• Stronger recovery with surreptitious detection
14

14. References
1. E. Nakashima and J. Pomfret. China proves to be an aggressive foe in
cyberspace, November 2009.
2. M. Ramilli and M. Bishop. Multi-stage delivery of malware. 5th International
Conference on Malicious and Unwanted Software (MALWARE), 2010.
3. E. J. Kartaltepe, J. A. Morales, S. Xu, and R. Sandhu. Social network based botnet
command-and-control: emerging threats and countermeasures. Proceedings of the
8th international conference on Applied cryptography and network security
(ACNS), pages 511–528, 2010.
4. M. Labs and M. F. P. Services. Protecting your critical assets, lessons learned from
operation aurora. Technical report, 2010.
5. M. J. Gross. A declaration of cyber-war, April 2011.
6. K. A. Repik. Defeating adversary network intelligence efforts with active cyber defense
techniques. Master’s thesis, Graduate School of Engineering and Management, Air
Force Institute of Technology, 2008.
7. A. D. Lakhani. Deception techniques using honeypots. Master’s thesis, MSc
Thesis, ISG, Royal Holloway, University of London, 2003.
15