{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T23:19:28Z","timestamp":1742944768368,"version":"3.40.3"},"publisher-location":"Cham","reference-count":31,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030493356"},{"type":"electronic","value":"9783030493363"}],"license":[{"start":{"date-parts":[[2020,8,13]],"date-time":"2020-08-13T00:00:00Z","timestamp":1597276800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,8,13]],"date-time":"2020-08-13T00:00:00Z","timestamp":1597276800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-49336-3_41","type":"book-chapter","created":{"date-parts":[[2020,8,12]],"date-time":"2020-08-12T12:05:28Z","timestamp":1597233928000},"page":"419-428","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Towards Cyber Attribution by Deception"],"prefix":"10.1007","author":[{"given":"Sampsa","family":"Rauti","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,8,13]]},"reference":[{"key":"41_CR1","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-030-02110-8","volume-title":"Autonomous Cyber Deception","author":"E Al-Shaer","year":"2019","unstructured":"Al-Shaer, E., Wei, J., Hamlen, K.W., Wang, C.: Towards intelligent cyber deception systems. In: Al-Shaer, E., Wei, J., Hamlen, K., Wang, C. (eds.) Autonomous Cyber Deception, pp. 21\u201333. Springer, Cham (2019)"},{"key":"41_CR2","doi-asserted-by":"crossref","unstructured":"Almeshekah, M., Spafford, E.: Planning and integrating deception into computer security defenses. In: Proceedings of the 2014 Workshop on New Security Paradigms Workshop, pp. 127\u2013138. ACM (2014)","DOI":"10.1145\/2683467.2683482"},{"key":"41_CR3","doi-asserted-by":"crossref","unstructured":"Araujo, F., Hamlen, K.W., Biedermann, S., Katzenbeisser, S.: From patches to honey-patches: lightweight attacker misdirection, deception, and disinformation. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 942\u2013953. ACM (2014)","DOI":"10.1145\/2660267.2660329"},{"key":"41_CR4","unstructured":"Araujo, F., Shapouri, M., Pandey, S., Hamlen, K.: Experiences with honey-patching in active cyber security education. In: 8th Workshop on Cyber Security Experimentation and Test (CSET 2015) (2015)"},{"key":"41_CR5","volume-title":"The Practice of Network Security Monitoring: Understanding Incident Detection and Response","author":"R Bejtlich","year":"2013","unstructured":"Bejtlich, R.: The Practice of Network Security Monitoring: Understanding Incident Detection and Response. No Starch Press, San Francisco (2013)"},{"key":"41_CR6","unstructured":"Chew, M., Song, D.: Mitigating buffer overflows by operating system randomization (2002)"},{"key":"41_CR7","unstructured":"Cohen, F., Koike, D.: Misleading attackers with deception. In: Proceedings from the Fifth Annual IEEE Information Assurance Workshop, pp. 30\u201337. IEEE (2004)"},{"key":"41_CR8","doi-asserted-by":"crossref","unstructured":"Juels, A., Rivest, R.L.: Honeywords: making password-cracking detectable. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 145\u2013160, November 2013","DOI":"10.1145\/2508859.2516671"},{"issue":"5","key":"41_CR9","first-page":"6098","volume":"5","author":"N Kambow","year":"2014","unstructured":"Kambow, N., Passi, L.K.: Honeypots: the need of network security. Int. J. Comput. Sci. Inf. Technol. 5(5), 6098\u20136101 (2014)","journal-title":"Int. J. Comput. Sci. Inf. Technol."},{"issue":"5","key":"41_CR10","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1109\/MIS.2018.2877277","volume":"33","author":"P Karuna","year":"2018","unstructured":"Karuna, P., Purohit, H., Ganesan, R., Jajodia, S.: Generating hard to comprehend fake documents for defensive cyber deception. IEEE Intell. Syst. 33(5), 16\u201325 (2018)","journal-title":"IEEE Intell. Syst."},{"key":"41_CR11","doi-asserted-by":"crossref","unstructured":"Laur\u00e9n, S., M\u00e4ki, P., Rauti, S., Hosseinzadeh, S., Hyrynsalmi, S., Lepp\u00e4nen, V.: Symbol diversification of Linux binaries. In: World Congress on Internet Security (WorldCIS 2014), pp. 74\u201379. IEEE (2014)","DOI":"10.1109\/WorldCIS.2014.7028170"},{"key":"41_CR12","unstructured":"Laur\u00e9n, S., Rauti, S., Lepp\u00e4nen, V.: An interface diversified honeypot for malware analysis. In: Procedings of the 10th European Conference on Software Architecture Workshops. ACM (2016). Article no. 29"},{"issue":"1","key":"41_CR13","first-page":"75","volume":"70","author":"H Lin","year":"2016","unstructured":"Lin, H.: Attribution of malicious cyber incidents: from soup to nuts. J. Int. Aff. 70(1), 75\u2013137 (2016)","journal-title":"J. Int. Aff."},{"issue":"1","key":"41_CR14","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1145\/1127345.1127348","volume":"9","author":"D Mutz","year":"2006","unstructured":"Mutz, D., Valeur, F., Vigna, G., Kruegel, C.: Anomalous system call detection. ACM Trans. Inf. Syst. Secur. (TISSEC) 9(1), 61\u201393 (2006)","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"key":"41_CR15","unstructured":"Office of the Director of National Intelligence: A guide to cyber attribution (2018)"},{"key":"41_CR16","doi-asserted-by":"crossref","unstructured":"Rauti, S., Lepp\u00e4nen, V.: A survey on fake entities as a method to detect and monitor malicious activity. In: 2017 25th Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP), pp. 386\u2013390. IEEE (2017)","DOI":"10.1109\/PDP.2017.34"},{"key":"41_CR17","doi-asserted-by":"crossref","unstructured":"Rietta, F.S.: Application layer intrusion detection for SQL injection. In: Proceedings of the 44th Annual Southeast Regional Conference, pp. 531\u2013536. ACM (2006)","DOI":"10.1145\/1185448.1185564"},{"key":"41_CR18","unstructured":"Rowe, N.C.: Designing good deceptions in defense of information systems. In: 20th Annual Computer Security Applications Conference, pp. 418\u2013427. IEEE (2004)"},{"key":"41_CR19","unstructured":"Rowe, N.C.: A model of deception during cyber-attacks on information systems. In: IEEE First Symposium on Multi-Agent Security and Survivability, pp. 21\u201330. IEEE (2004)"},{"key":"41_CR20","doi-asserted-by":"crossref","unstructured":"Rowe, N.C.: Deception in defense of computer systems from cyber attack. In: Cyber Warfare and Cyber Terrorism, pp. 97\u2013104. IGI Global (2007)","DOI":"10.4018\/978-1-59140-991-5.ch013"},{"key":"41_CR21","unstructured":"Spafford, E.: More than passive defense (2011). \nhttps:\/\/www.cerias.purdue.edu\/site\/blog\/post\/more_than_passive_defense\/"},{"key":"41_CR22","volume-title":"Honeypots: Tracking Hackers","author":"L Spitzner","year":"2002","unstructured":"Spitzner, L.: Honeypots: Tracking Hackers. Addison-Wesley Longman Publishing Co., Inc., Boston (2002)"},{"key":"41_CR23","unstructured":"Uitto, J., Rauti, S., M\u00e4kel\u00e4, J.M., Lepp\u00e4nen, V.: Preventing malicious attacks by diversifying Linux shell commands. In: SPLST, pp. 206\u2013220 (2015)"},{"key":"41_CR24","doi-asserted-by":"crossref","unstructured":"Virvilis, N., Gritzalis, D.: The big four - what we did wrong in advanced persistent threat detection? In: 2013 International Conference on Availability, Reliability and Security, pp. 248\u2013254 (2013)","DOI":"10.1109\/ARES.2013.32"},{"key":"41_CR25","doi-asserted-by":"crossref","unstructured":"Virvilis, N., Vanautgaerden, B., Serrano, O.S.: Changing the game: the art of deceiving sophisticated attackers. In: 6th International Conference on Cyber Conflict (CyCon 2014), pp. 87\u201397. IEEE (2014)","DOI":"10.1109\/CYCON.2014.6916397"},{"issue":"2","key":"41_CR26","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1109\/MSP.2018.1870866","volume":"16","author":"C Wang","year":"2018","unstructured":"Wang, C., Lu, Z.: Cyber deception: overview and the road ahead. IEEE Secur. Priv. 16(2), 80\u201385 (2018)","journal-title":"IEEE Secur. Priv."},{"key":"41_CR27","doi-asserted-by":"crossref","unstructured":"Wang, W., Bickford, J., Murynets, I., Subbaraman, R., Forte, A.G., Singaraju, G.: Catching the wily hacker: a multilayer deception system. In: 35th IEEE Sarnoff Symposium, pp. 1\u20136. IEEE (2012)","DOI":"10.1109\/SARNOF.2012.6222760"},{"key":"41_CR28","unstructured":"Whitham, B.: Canary files: generating fake files to detect critical data loss from complex computer networks. In: Second International Conference on Cyber Security, Cyber Peacefare and Digital Forensic (CyberSec2013), Malaysia (2013)"},{"key":"41_CR29","unstructured":"Yuill, J.: Defensive computer-security deception operations: processes, principles and techniques. Ph.D. thesis, North Carolina State University (2006)"},{"key":"41_CR30","unstructured":"Yuill, J., Zappe, M., Denning, D., Feer, F.: Honeyfiles: deceptive files for intrusion detection. In: Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, pp. 116\u2013122. IEEE (2004)"},{"key":"41_CR31","unstructured":"Zeltser, L.: Detecting memory-scraping malware. US Patent 9,774,627, 26 September 2017"}],"container-title":["Advances in Intelligent Systems and Computing","Hybrid Intelligent Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-49336-3_41","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,8,12]],"date-time":"2020-08-12T13:02:05Z","timestamp":1597237325000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-49336-3_41"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,13]]},"ISBN":["9783030493356","9783030493363"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-49336-3_41","relation":{},"ISSN":["2194-5357","2194-5365"],"issn-type":[{"type":"print","value":"2194-5357"},{"type":"electronic","value":"2194-5365"}],"subject":[],"published":{"date-parts":[[2020,8,13]]},"assertion":[{"value":"13 August 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"HIS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Hybrid Intelligent Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sehore","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"his2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.mirlabs.net\/his19\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}