About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
Digital Forensics and Cyber Crime. 14th EAI International Conference, ICDF2C 2023, New York City, NY, USA, November 30, 2023, Proceedings, Part II

Research Article

Assessing the Effectiveness of Deception-Based Cyber Defense with CyberBattleSim

Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-031-56583-0_15,
        author={Quan Hong and Jiaqi Li and Xizhong Guo and Pan Xie and Lidong Zhai},
        title={Assessing the Effectiveness of Deception-Based Cyber Defense with CyberBattleSim},
        proceedings={Digital Forensics and Cyber Crime. 14th EAI International Conference, ICDF2C 2023, New York City, NY, USA, November 30, 2023, Proceedings, Part II},
        proceedings_a={ICDF2C PART 2},
        year={2024},
        month={4},
        keywords={CyberBattleSim Deception-Based Defense Cybersecurity Defense Effect Evaluation Simulation},
        doi={10.1007/978-3-031-56583-0_15}
    }
    
  • Quan Hong
    Jiaqi Li
    Xizhong Guo
    Pan Xie
    Lidong Zhai
    Year: 2024
    Assessing the Effectiveness of Deception-Based Cyber Defense with CyberBattleSim
    ICDF2C PART 2
    Springer
    DOI: 10.1007/978-3-031-56583-0_15
Quan Hong1, Jiaqi Li1, Xizhong Guo1, Pan Xie2, Lidong Zhai3,*
  • 1: School of Cyber Security
  • 2: China United Network Communications Group Co.
  • 3: Institute of Information Engineering
*Contact email: zhailidong@iie.ac.cn

Abstract

Deception-Based Cyber Defense technology involves deploying various elements within a network to deliberately mislead and deceive potential attackers, enabling the early detection and warning of cyber-attacks in their nascent stages. However, there is a lack of systematic research on defensive effectiveness, applicability in different scenarios, and potential synergies with other defense mechanisms of various deception technologies. To address this research gap, this study incorporates negative rewards within the CyberBattleSim platform to simulate the consequences imposed on adversaries when encountering deception techniques. We then assess the efficacy of diverse cyber deception strategies through the cumulative reward trend of attackers. Furthermore, we simulated the combined deployment of different deception technologies and the deployment of deception technology in distinct network scenarios, to evaluate the synergistic impact of deception technologies when coupled with other defensive measures and explore the suitable application scenarios of deception technology. The outcomes of multiple experiments conducted on the CyberBattleSim platform demonstrate that deception technology can impact attackers by delaying or preventing penetration and the combination of distinct deception techniques can yield varying enhancements in defense effectiveness. Additionally, the combination of Shock Trap and honeypot technology can maximize the defense effect.

Keywords
CyberBattleSim Deception-Based Defense Cybersecurity Defense Effect Evaluation Simulation
Published
2024-04-03
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-031-56583-0_15
Copyright © 2023–2025 ICST
EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL