Using Deception to Hide Things from Hackers: Processes, Principles, and Techniques

Abstract

Deception offers one means of hiding things from an adversary. This paper introduces a model for understanding, comparing, and developing methods of deceptive hiding. The model characterizes deceptive hiding in terms of how it defeats the underlying processes that an adversary uses to discover the hidden thing. An adversary's process of discovery can take three forms: direct observation (sensing and recognizing), investigation (evidence collection and hypothesis formation), and learning from other people or agents. Deceptive hiding works by defeating one or more elements of these processes. The model is applied to computer security; it also is applicable to other domains.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2006
Accession Number
ADA485003

Entities

People

  • Dorothy E. Denning
  • Fred Feer
  • Jim Yuill

Organizations

  • North Carolina State University

Tags

Communities of Interest

  • Biomedical
  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Cognition
  • Computer Access Control
  • Computer Programs
  • Computers
  • Cybersecurity
  • Deception
  • Detection
  • Detectors
  • Electronic Mail
  • Information Warfare
  • Intrusion Detection
  • Intrusion Detectors
  • Network Protocols
  • Observation
  • Port Scanners
  • Security
  • Vulnerability Scanners

Fields of Study

  • Computer science

Readers

  • Irregular Warfare and Special Operations Cyberspace Operations against Adversarial Threats.
  • Sensor Fusion and Tracking Systems.
  • Theoretical Analysis.

Technology Areas

  • Cyber