Visions and Considerations for Next-Generation Holistic Cyber Deception
摘要
Cyber deception, as a research topic in the science and technology community or an essential component of organizing cyber operations in the modern cyber landscape, has attracted much attention from researchers and practitioners alike. However, a relatively holistic consideration of the overall cyber deception landscape is largely missing. This situation may hinder the understanding, research, development and deployment of current and future cyber deception techniques and tools. This chapter describes our attempt to help rectify this situation. First, using a typical enterprise as the representative environment, we discuss the major aspects in developing cyber deception technologies: modeling, design, human elements, and their interactions. Second, we present the triad of Technology, Metrics, and Humans, focusing on the importance of metrics. Third, we will identify different ways of achieving believable deception, describe the gaps in current simulation and emulation practice for cyber deception research, and recommend novel paradigms and approaches for cyber deception test and evaluation (T&E) with suggested methodology for experimentation, measurement and analysis. Finally, we will include discussions on how recent advances in artificial intelligence (AI), machine learning (ML), and particularly large language models (LLM) may play a role in the landscape of cyber deception.