Formally modeling deceptive patches using a game-based approach. Issue 75 (June 2018)
- Record Type:
- Journal Article
- Title:
- Formally modeling deceptive patches using a game-based approach. Issue 75 (June 2018)
- Main Title:
- Formally modeling deceptive patches using a game-based approach
- Authors:
- Avery, Jeffrey
Wallrabenstein, John Ross - Abstract:
- Highlights: A novel model to formally analyze the impact of deceptive software security patches is presented. A game-based approach provides insight into how attackers interact with deceptive patches. Potential security parameters that suggest a deceptive patch's level of impact are discussed. Implementation details for active response patches are explored. Abstract: The paradigm that deceptive data, tools and behavior are difficult to distinguish from their legitimate counterparts is intuitively understood, but a formal representation of why deception works and its impact on the security provided by patches is lacking. As an emerging research area, it is important to develop this strong foundation from which to reason about the security impact of proposed techniques. Thus, we present a number of deceptive models that represent a variety of deceptive patches to move toward a formal model of deception. These models identify theoretically secure techniques as well as those that fall short of theoretical security. For techniques that fall short, additional analysis shows they could still be effective in practice. In this research, we first introduce formal game-based security definitions that capture the technique's claimed security impact and present a general game-based model using these definitions. We then apply this general model to faux, obfuscated, and active response patches to formally analyze their security impact. Finally, we discuss whether these ideal properties ofHighlights: A novel model to formally analyze the impact of deceptive software security patches is presented. A game-based approach provides insight into how attackers interact with deceptive patches. Potential security parameters that suggest a deceptive patch's level of impact are discussed. Implementation details for active response patches are explored. Abstract: The paradigm that deceptive data, tools and behavior are difficult to distinguish from their legitimate counterparts is intuitively understood, but a formal representation of why deception works and its impact on the security provided by patches is lacking. As an emerging research area, it is important to develop this strong foundation from which to reason about the security impact of proposed techniques. Thus, we present a number of deceptive models that represent a variety of deceptive patches to move toward a formal model of deception. These models identify theoretically secure techniques as well as those that fall short of theoretical security. For techniques that fall short, additional analysis shows they could still be effective in practice. In this research, we first introduce formal game-based security definitions that capture the technique's claimed security impact and present a general game-based model using these definitions. We then apply this general model to faux, obfuscated, and active response patches to formally analyze their security impact. Finally, we discuss whether these ideal properties of deceptive systems can be achieved in reality. … (more)
- Is Part Of:
- Computers & security. Issue 75(2018)
- Journal:
- Computers & security
- Issue:
- Issue 75(2018)
- Issue Display:
- Volume 75, Issue 75 (2018)
- Year:
- 2018
- Volume:
- 75
- Issue:
- 75
- Issue Sort Value:
- 2018-0075-0075-0000
- Page Start:
- 182
- Page End:
- 190
- Publication Date:
- 2018-06
- Subjects:
- Security -- Software patching -- Deceptive impact -- Game-based modeling -- Implementing deceptive patches
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2018.02.009 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 11375.xml