Abstract
Deception systems have produced promising results in protecting networks from recent attack campaigns. Their development and operation, however, is regulated by technical and legal circumstances. There are several aspects to be considered when operating a deception system, such as privacy, entrapment and liability. In addition to these general aspects, domain specific law that, for example, applies to research or government, needs to be accounted for. In this work German and European law was investigated with respect to deception systems focusing on the aspects listed above and others. The findings are applied to the design, operation of a Honeypot, as well as the generation and publication of information. We found that it is not forbidden to use deception systems in general but several facets have to be considered in the technical implementation.
Author supplied keywords
Cite
CITATION STYLE
Fraunholz, D., Lipps, C., Zimmermann, M., Duque Antón, S., Mueller, J. K. M., & Schotten, H. D. (2018). Deception in information security: Legal considerations in the context of German and European law. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10723 LNCS, pp. 259–274). Springer Verlag. https://doi.org/10.1007/978-3-319-75650-9_17
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
