Rateless and pollution-attack-resilient network coding
Wentao Huang, Ting Wang, et al.
ISIT 2015
Determined cyber adversaries often strategize their attacks by carefully selecting high-value target machines that host insecure (e.g., unpatched) legacy software. In this paper, we propose a moving-target approach to thwart and countersurveil such adversaries, wherein live (non-decoy) enterprise software services are automatically modified to deceptively emulate vulnerable legacy versions that entice attackers. A game-theoretic framework chooses which emulated software stacks, versions, configurations, and vulnerabilities yield the best defensive payoffs and most useful threat data given a specific attack model. The results show that effective movement strategies can be computed to account for pragmatic aspects of deception, such as the utility of various intelligence-gathering actions, impact of vulnerabilities, performance costs of patch deployment, complexity of exploits, and attacker profile.
Wentao Huang, Ting Wang, et al.
ISIT 2015
Zhiyuan He, Yijun Yang, et al.
ICML 2024
Teryl Taylor, Frederico Araujo, et al.
Big Data 2020
Anisa Halimi, Leonard Dervishi, et al.
PETS 2022