This chapter outlines a concept for integrating cyber denial and deception (cyber-D&D) tools, tactics, techniques, and procedures (TTTPs) into an adversary modeling system to support active cyber defenses (ACD) for critical enterprise networks. We describe a vision for cyber-D&D and outline a general concept of operation for the use of D&D TTTPs in ACD. We define the key elements necessary for integrating cyber-D&D into an adversary modeling system. One such recently developed system, the Adversarial Tactics, Techniques and Common Knowledge (ATT&CK™) Adversary Model, is being enhanced by adding cyber-D&D TTTPs that defenders might use to detect and mitigate attacker tactics, techniques, and procedures (TTPs). We describe general D&D types and tactics, and relate these to a relatively new concept, the cyber-deception chain. We describe how defenders might build and tailor a cyber-deception chain to mitigate an attacker's actions within the cyber attack lifecycle. While we stress that this chapter describes a concept and not an operational system, we are currently engineering components of this concept for ACD and enabling defenders to apply such a system.
CITATION STYLE
Stech, F. J., Heckman, K. E., & Strom, B. E. (2016). Integrating cyber-D&D into adversary modeling for active cyber defense. In Cyber Deception: Building the Scientific Foundation (pp. 1–22). Springer International Publishing. https://doi.org/10.1007/978-3-319-32699-3_1