Introduction to Cyberdeception

This book is an introduction to both offensive and defensive techniques of cyberdeception. Unlike most books on cyberdeception, this book focuses on methods rather than detection. It treats cyberdeception techniques that are current, novel, and practical, and that go well beyond traditional honeypots. It contains features friendly for classroom use: (1) minimal use of programming details and mathematics, (2) modular chapters that can be covered in many orders, (3) exercises with each chapter, and (4) an extensive reference list.Cyberattacks have grown serious enough that understanding and using deception is essential to safe operation in cyberspace. The deception techniques covered are impersonation, delays, fakes, camouflage, false excuses, and social engineering. Special attention is devoted to cyberdeception in industrial control systems and within operating systems. This material is supported by a detailed discussion of how to plan deceptions and calculate their detectability and effectiveness. Some of the chapters provide further technical details of specific deception techniques and their application. Cyberdeception can be conducted ethically and efficiently when necessary by following a few basic principles. This book is intended for advanced undergraduate students and graduate students, as well as computer professionals learning on their own. It will be especially useful for anyone who helps run important and essential computer systems such as critical-infrastructure and military systems.

Examines a broad range of cyberdeception techniques including impersonation, delays, fakes, camouflage, false excuses, and social engineering Provides more breadth of coverage than any competing book Uses a student-friendly format with exercises, minimal mathematics, and extensive references

Autorentext
Neil C. Rowe is Professor of Computer Science at the U.S. Naval Postgraduate School where he has been since 1983. He has a Ph.D. in Computer Science from Stanford University (1983). His main research interests are in data mining, digital forensics, modeling of deception, and cyberwarfare.
Julian Rrushi is an assistant professor with the Department of Computer Science at Western Washington University, Bellingham, WA. He received a PhD in computer science from the University of Milan in 2009. His research is on cyber security, and includes work on industrial control systems. He worked for several years in industry as a vulnerability researcher before accepting a faculty appointment with Western Washington University.

Inhalt
Introduction.- Psychology of Deception.- Professional Deception.- Deception Methods for Defense.- Deception Methods for Offense.- Delays.- Fakes.- Defensive Camouflage.- False Excuses.- Defensive Social Engineering.- Measuring Deception.- Planning Cyberspace Deception.- Software Engineering of Deceptive Software and Systems.- Decoy I/O Devices.- Deception for the Electrical Power Industry.- Law and Ethics for Software Deception.