Computer Science 5th Years Master's Thesis Presentation
Location:
In Person and Virtual - ET
-
Blelloch-Skees Conference Room, Gates Hillman 8115 and Zoom
Speaker:
YUSUF BIN SAQUIB
,
Master's Student, Computer Science Department, Carnegie Mellon University
https://yusufsaquib.com/
Perry: A What-If Analysis Platform for Deception Evaluation
As reliance on resilient networks increases, it is becoming evermore imperative that cybersecurity professionals refine their techniques to fortify and secure networks against malicious attacks. Within the realm of network security, cyber deception emerges as a promising defensive technique. However, the lack of a standardized evaluation method makes evaluating the efficacy of deception techniques an arduous task.
In this paper, we present Perry, a realistic, extensible platform that aims to evaluate the efficacy of deception techniques against each other and allows the user a fine level of control over all aspects of the platform. We demonstrate the effectiveness of the system by using it to evaluate several defender profiles against a simulated attacker by running hundreds of trials and comparing the results.
We found that allowing a defender to deploy honeyservices in addition to equipping it with telemetry allows it to prevent the attacker from capturing all of the flags nearly 50% of the time. Furthermore, allowing the defender to deploy decoys on the network allows the defender to prevent the attacker from capturing all of the flags in nearly 90% of trials. We believe that Perry will be a valuable tool for researchers to evaluate their deception techniques and effectiveness of their defenders, establishing a common ground for comparing different deception techniques.
Thesis Committee:
Vyas Sekar (Chair)
Lujo Bauer
Additional Information
In Person and Zoom Participation. See announcement.