
Cutting Edge Trends in Deception Based Intrusion Detection Systems—A Survey

DOI: 10.4236/jis.2021.124014, PP. 250-269

Keywords: Cloud Computing, Intrusion Detection System, Cyber Security, Cyber Deception, Deception Technology


Abstract:

Cyber criminals have become a formidable threat in today’s world. This reality has placed cloud computing platforms under constant threat of cyber-attacks at all levels, with an ever-evolving threat landscape. It has been observed that the number of threats faced in cloud computing is rising exponentially, mainly due to its widespread adoption, rapid expansion and vast attack surface. One of the front-line tools employed in defense against cyber-attacks is the Intrusion Detection System (IDS). In recent times, an increasing number of researchers and cyber security practitioners alike have advocated the use of deception-based techniques in IDSs and other cyber security defenses, as opposed to traditional methods. This paper presents an extensive overview of the deception technology environment, as well as a review of current trends and implementation models in deception-based Intrusion Detection Systems. Issues that hinder the implementation of deception-based cyber security defenses are also investigated.

