Security protection design for deception and real system regimes: A model and analysis |
| |
Authors: | C Ryu R Sharman HR Rao S Upadhyaya |
| |
Institution: | 1. College of Business Administration, Kookmin University, Seoul, Republic of Korea;2. Department of Management Science and Systems, State University of New York, Buffalo, NY 14260, United States;3. Department of Computer Science and Engineering, State University of New York, Buffalo, NY 14260, United States |
| |
Abstract: | In this paper, we model a possible deception system with the explicit purpose of enticing unauthorized users and restricting their access to the real system. The proposed model represents a system designer’s defensive actions against intruders in a way that maximizes the difference between the intruders’ cost and the system designer’s cost of system protection. Under the assumption of a dual entity system, the proposed model shows that intruders differ in behavior depending on the system’s vulnerability at the time of intrusion as well as depending on their own economic incentives. The optimal results of the proposed model provide the system designer with insights on how to configure the level of protection for the two systems. |
| |
Keywords: | Decision analysis Information security Deception system Economic model |
本文献已被 ScienceDirect 等数据库收录! |
|