Method and Rules for Determining the Next Centralization Option in Multicomputer System Architecture
DOI:
https://doi.org/10.47839/ijc.24.1.3875Keywords:
multicomputer systems, deception systems, centralization, bait, trapsAbstract
The paper poses a scientific problem regarding the development of multi-computer systems that would be the basis for their use in the field of cybersecurity and information protection. One of the problematic tasks that needed to be solved was the development of a method for determining the next option for centralization in systems without user intervention in order to complicate the search for the center of the system for attackers and establish the principles of their functioning. As a result of the research, methods for synthesizing systems and systems that are designed to function in corporate networks and can change their architecture during operation, that is, are adaptive, were analyzed. According to the results of the study, insufficient detailing of the internal architecture of systems was established in terms of mechanisms that launch and implement the restructuring of systems, including the center of systems. In the analyzed works, attention is mainly focused on the migration of the center between system components. The choice of the next option for the center of systems is not detailed. Therefore, the task was set in the context of the development of the theory of distributed systems to develop a method for determining the next option for centralization in systems. The work formalized the components and elements of the systems, the connections between them, the operating environment of the systems and their centers, and based on them, rules were developed for selecting the next centralization option. The obtained rules became the basis of the developed method for determining the next centralization option in systems during their restructuring without the involvement of an administrator. A feature of the developed method is the avoidance of complete or significant partial search when selecting a centralization option. To confirm the effectiveness of the proposed solution, an experimental system was developed and a study of centralization options was conducted with it. Also, machine modeling of such a system was carried out. The obtained theoretical and experimental results showed their convergence and confirmed the feasibility of using the developed method. The directions of further research are the development of a systems controller for selecting one and approving the solution options developed in the centers of the systems.
References
A. Kashtalian, S. Lysenko, O. Savenko, A. Nicheporuk, T. Sochor, and V. Avsiyevych, “Multi-computer malware detection systems with metamorphic functionality,” Radioelectronic and Computer Systems, vol. 2024, no. 1, pp. 152–175, 2024. https://doi.org/10.32620/reks.2024.1.13.
O. Savenko, A. Sachenko, S. Lysenko, G. Markowsky, and N. Vasylkiv, “Botnet detection approach based on the distributed systems,” International Journal of Computing, vol. 19, no. 2, pp. 190–198, 2020. https://doi.org/10.47839/ijc.19.2.1761.
B. Savenko, A. Kashtalian, S. Lysenko, and O. Savenko, “Malware detection by distributed systems with partial centralization,” in 2023 IEEE 12th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), Dortmund, Germany, 2023, pp. 265–270. https://doi.org/10.1109/IDAACS58523.2023.10348773.
A. Kashtalian, S. Lysenko, B. Savenko, T. Sochor, and T. Kysil, “Principle and method of deception systems synthesizing for malware and computer attacks detection,” Radioelectronic and Computer Systems, vol. 2023, no. 4, pp. 112–151, 2023, doi: https://doi.org/10.32620/reks.2023.4.10.
N. Doukas, P. Stavroulakis, & N. Bardis, “Review of artificial intelligence cyber threat assessment techniques for increased system survivability,” Malware Analysis Using Artificial Intelligence and Deep Learning, Springer International Publishing, 2021, pp. 207-222. https://doi.org/10.1007/978-3-030-62582-5_7.
R. Mehresh and S.J. Upadhyaya, “Deception-based survivability,” in Secure System Design and Trustable Computing, C.H. Chang and M. Potkonjak, Eds. Cham: Springer, 2016, https://doi.org/10.1007/978-3-319-14971-4_17.
N. Soule, P. Pal, S. Clark, B. Krisler, and A. Macera, “Enabling defensive deception in distributed system environments,” in Proceedings of the 2016 Resilience Week (RWS), Chicago, IL, USA, 2016, pp. 73–76, https://doi.org/10.1109/RWEEK.2016.7573310.
M. Baykara and R. Das, “SoftSwitch: A centralized honeypot-based security approach using software-defined switching for secure management of VLAN networks,” Turkish Journal of Electrical Engineering & Computer Sciences, vol. 27, pp. 3309–3325, 2019, https://doi.org/10.3906/elk-1812-86.
S. Kyung, W. Han, N. K. Tiwari, V. H. Dixit, L. Srinivas, Z. Zhao, A. Doupé, and G. Ahn, “HoneyProxy: Design and implementation of next-generation honeynet via SDN,” in Proceedings of the 2017 IEEE Conference on Communications and Network Security (CNS), 2017, pp. 1–9. https://doi.org/10.1109/CNS.2017.8228653.
N. H. Khoa, H. Do, K. Ngo-Khanh, P. T. Duy, and V.H. Pham, “SDN-based cyber deception deployment for proactive defense strategy using Honey of Things and cyber threat intelligence,” in Intelligence of Things: Technologies and Applications, ICIT 2023, vol. 188, N.N. Dao, T.N. Thinh, and N.T. Nguyen, Eds. Cham: Springer, 2023, https://doi.org/10.1007/978-3-031-46749-3_26.
C. Gao, Y. Wang, X. Xiong, and W. Zhao, “MTDCD: An MTD enhanced cyber deception defense system,” in Proceedings of the 2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC), Chongqing, China, 2021, pp. 1412–1417, https://doi.org/10.1109/IMCEC51613.2021.9482133.
F. De Gaspari, S. Jajodia, L. Mancini, and A. Panico, “AHEAD: A new architecture for active defense,” in Proceedings of the ACM International Conference on Computer and Communications Security, 2016, pp. 11–16, https://doi.org/10.1145/2994475.2994481.
W. Fan, D. Fernández, and Z. Du, “Adaptive and flexible virtual honeynet,” in Advances in Computer Science and Ubiquitous Computing, Cham: Springer, 2015, https://doi.org/10.1007/978-3-319-25744-0_1.
D. Sever and T. Kišasondi, “Efficiency and security of docker-based honeypot systems,” in Proceedings of the 2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatija, Croatia, 2018, pp. 1167–1173, https://doi.org/10.23919/MIPRO.2018.8400212.
A. Ravi, B. Sharma, and A. Mukherjee, “A cloud-native honeynet automation and orchestration framework,” OSF Preprints, 2023, https://doi.org/10.31219/osf.io/xkqzr.
T. Yu, Y. Xin, and C. Zhang, “HoneyFactory: Container-based comprehensive cyber deception honeynet architecture,” Electronics, vol. 13, no. 2, p. 361, 2024, https://doi.org/10.3390/electronics13020361.
M.M. Islam and E. Al-Shaer, “Active deception framework: An extensible development environment for adaptive cyber deception,” in Proceedings of the 2020 IEEE Secure Development (SecDev), Atlanta, GA, USA, 2020, pp. 41–48, https://doi.org/10.1109/SecDev45635.2020.00023.
J. Landsborough, L. Carpenter, B. Coronado, S. Fugate, K. Ferguson-Walter, and D. Bruggen, “Towards self-adaptive cyber deception for defense,” in Proceedings of the HICSS-54, 2021, https://doi.org/10.24251/HICSS.2021.244.
C.J. Chiang, Y.M. Gottlieb, S. Sugrim, R. Chadha, C. Serban, A. Poylisher, L.M. Marvel, and J. Santos, “ACyDS: An adaptive cyber deception system,” in Proceedings of the 2016 IEEE Military Communications Conference MILCOM 2016, 2016, pp. 800–805, https://doi.org/10.1109/MILCOM.2016.7795427.
W. Tounsi, “Cyber deception: The ultimate piece of a defensive strategy – proof of concept,” in Proceedings of the 2022 7th International Conference on Cyber Security and Protection of Digital Services (CyberSec), 2022, pp. 1–5, https://doi.org/10.1109/CSNet56116.2022.9955605.
A. Mitropoulos, G. Kougka, D. Lampoudis, and C. Patsakis, “Design and implementation of adaptive deception-based cyber security solutions,” in Proceedings of the 2021 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT), Dubai, UAE, 2021, pp. 247–252. doi: 10.1109/ICIoT52221.2021.9476067.
S. Nazemi, A. Ghafoorian, and A. Azmoodeh, “A dynamic cyber deception method for APT defense,” in Proceedings of the 2020 6th International Conference on Web Research (ICWR), Tehran, Iran, 2020, pp. 128–133, https://doi.org/10.1109/ICWR49608.2020.9122318.
Z. Sui, X. Wang, Y. Zhang, and Z. Zhang, “Dynamic cyber deception based on knowledge graph reasoning,” in Proceedings of the 2021 IEEE International Conference on Intelligence and Security Informatics (ISI), 2021, pp. 1–6, doi: 10.1109/ISI54217.2021.9674327.
J. Haslum, R. Dewar, S. Chaudhry, and I. Ray, “Exploring active cyber deception for security: A survey of tools and techniques,” IEEE Access, vol. 8, pp. 22444–22458, 2020, doi: 10.1109/ACCESS.2020.2969643.
L. Chen, J. Xu, and Y. Liu, “A survey of deception-based defense mechanisms,” Security and Communication Networks, vol. 2021, Article ID 5562934, 2021, doi: 10.1155/2021/5562934.
T. Zheng and H. Liu, “Game-based approach for active cyber defense using deception techniques,” in Proceedings of the 2020 IEEE Symposium on Privacy-Aware Computing (PAC), 2020, pp. 25–31, doi: 10.1109/PAC50185.2020.00010.
M. Manadhata, J. Kim, A. Mettler, and D. Melski, “Deceptive defense design,” Journal of Cybersecurity and Privacy, vol. 1, no. 1, pp. 66–85, 2021, https://doi.org/10.3390/jcp1010005.
S. Rajagopalan, S. Yu, and H. Zheng, “Dynamic deception for proactive defense,” in Proceedings of the 2017 IEEE International Symposium on Cyberspace Safety and Security (CSS), 2017, pp. 41–47, doi: 10.1109/CSS.2017.19.
M. Prandini and M. Drahansky, “The role of deception in computer security: A review,” Computers & Security, vol. 109, 102396, 2021, https://doi.org/10.1016/j.cose.2021.102396.
H. Zheng and L. Liu, “Moving target defense with deception technology,” in Proceedings of the 2021 ACM Workshop on Moving Target Defense (MTD), 2021, pp. 1–6, doi: 10.1145/3485947.3485954.
P. Frazier, K. Ferguson-Walter, and J. Landsborough, “The effectiveness of adaptive cyber deception tactics,” in Proceedings of the 2022 Annual Computer Security Applications Conference (ACSAC), 2022, pp. 203–214, doi: 10.1145/3564625.3564677.
S. Hossain and J. Lee, “Application of machine learning techniques in deception-based cybersecurity,” IEEE Transactions on Emerging Topics in Computational Intelligence, vol. 6, no. 2, pp. 382–392, 2022, doi: 10.1109/TETCI.2022.3148418.
W. Zhao, Y. Xu, and H. Yu, “Integrating deception techniques into multi-layered security frameworks,” in Proceedings of the 2023 IEEE International Conference on Cloud Computing (CLOUD), 2023, pp. 95–100, doi: 10.1109/CLOUD57382.2023.10151620.
Y. Wang, G. Yang, J. Chen, and L. Liu, “The role of deception in cybersecurity defense: A critical review,” Future Generation Computer Systems, vol. 142, pp. 234–247, 2024, https://doi.org/10.1016/j.future.2023.12.018.
A. Sachenko, V. Kochan, V. Kharchenko, H. Roth, V. Yatskiv, M. Chernyshov, P. Bykovyy, O. Roshchupkin, V. Koval, H. Fesenko, “Mobile post-emergency monitoring system for nuclear power plants,” in CEUR Workshop Proceedings, vol. 1614, pp. 384–398, 2016. CEUR-WS. ISSN: 1613-0073.
L. Huang and Q. Zhu, “Duplicity games for deception design with an application to insider threat mitigation,” in IEEE Transactions on Information Forensics and Security, vol. 16, pp. 4843-4856, 2021, https://doi.org/10.1109/TIFS.2021.3118886.
P.S. Park, S. Goldstein, A. O'Gara, M. Chen, D. Hendrycks, “AI Deception: A Survey of Examples, Risks, and Potential Solutions," https://doi.org/10.48550/arXiv.2308.14752.
L. Zhang, V. L. L. Thing, “Three Decades of Deception Techniques in Active Cyber Defense – Retrospect and Outlook,” https://doi.org/10.48550/arXiv.2104.03594.
B. C. Ward, S. R. Gomez, R. W. Skowyra, D. Bigelow, J. Martin, J. Landry, H. Okhravi, “Survey of Cyber Moving Targets Second Edition,” Semantic Scholar, 2018, https://www.semanticscholar.org/paper/Survey-of-Cyber-Moving-Targets-Second-Edition-Ward-Gomez/889aa42d8b9e7f731324cca810071333544c4f60.
P. V. Mohan, S. Dixit, A. Gyaneshwar, U. Chadha, K. Srinivasan, J. T. Seo, “Leveraging computational intelligence techniques for defensive deception: A review, recent advances, open problems and future directions,” Sensors, vol. 22, no. 6, 2194, 2022, https://doi.org/10.3390/s22062194.
D. Jay, “Deception technology based intrusion protection and detection mechanism for digital substations: A game theoretical approach," in IEEE Access, vol. 11, pp. 53301-53314, 2023, https://doi.org/10.1109/ACCESS.2023.3279504.
M. R Amal, P. Venkadesh, “Review of cyber attack detection: Honeypot system,” Webology, vol. 19, no. 1, pp. 5497-5514, 2022, https://doi.org/10.14704/WEB/V19I1/WEB19370.
Downloads
Published
How to Cite
Issue
Section
License
International Journal of Computing is an open access journal. Authors who publish with this journal agree to the following terms:• Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
• Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
• Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
