I have successfully defended my PhD thesis and ended my journey at Purdue. This would not have been possible without the help and guidance from my advisors Prof. Eugene H. Spafford (aka Spaf) and Prof. Mikhail J. Atallah (aka Mike). I was honored to have the opportunity to learn from such renowned scientists and highly respected mentors. They taught me the skills that would guide me in my career for years to come. I am forever indebted to them and aspire to follow in their footsteps.
I would also like to express my deepest appreciation to my committee members, Prof. Samuel Wagstaff and Prof. Matt Bishop, for their invaluable advice and help. Without their insights and hard questions, this dissertation would not have been possible.
I am also extremely grateful for my beloved wife, Asma, for her continuous encouragement and unwavering support. She provided light when the rigors of intellectual pursuit were casting a shadow. I would not have finished this dissertation without her by my side. She has sacrificed beyond what I wished for and has done so with love. Also, I am grateful for my parents for their unwavering support and unforgettable endorsement, especially to my dearest mom. She is the pillar I stand by during hard times and I owe her my life for her constant love and encouragement.
Special thanks are also due to Northrop Grumman, Saudi Arabian Cultural Mission, and King Saud University for supporting me throughout my PhD. Finally, I take this opportunity to record my sincere thanks to all the faculty, staff, and friends at the Computer Science Department and CERIAS; they provided me with one of the best academic environments during my PhD.
Using Deception to Enhance Security: A Taxonomy, Model, and Novel Uses
Mohammed H. Almeshekah, PhD Thesis, Purdue University, August 2015
ABSTRACT: As the convergence between our physical and digital worlds continues at a rapid pace, securing our digital information is vital to our prosperity. Most current typical computer systems are unwittingly helpful to attackers through their predictable responses. In everyday security, deception plays a prominent role in our lives and digital security is no different. The use of deception has been a cornerstone technique in many successful computer breaches. Phishing, social engineering, and drive-by downloads are some prime examples. The work in this dissertation is structured to enhance the security of computer systems by using means of deception and deceit.
Deception-based security mechanisms focus on altering adversaries’ perception of computer systems in a way that can confuse them and waste their time and resources. These techniques exploit adversaries’ biases and present them with a plausible alternative to the truth bringing a number of unique advantages to computer security. In addition, deception has been widely used in many areas of computing for decades and security is no different. However, deception has only been used haphazardly in computer security.
In this dissertation we present a framework where deception can be planned and integrated into computer defenses. We posit how the well-known Kerckhoffs’s principle has been misinterpreted to drive the security community away from deception-based mechanisms. We present two schemes that employ deception to protect users’ passwords during transmission and at rest when they are stored on a computer server. Moreover, we designed and built a centralized deceptive server that can be hooked to internet-facing servers giving them the ability to return deceptive responses. These three schemes are designed, implemented, and analyzed for their security and performance.
The use of deception in security, and in computing in general, shows some fruitful results. This dissertation discusses some of the unique advantages of such mechanisms and presents a framework to show how they can be integrated into computer defenses. Also, it provides three practical schemes that employ deception in their design to address some existing security challenges. We postulate that the use of deception can effectively enhance the effectiveness of current security defenses and present novel ways to address many security challenges.
Thesis Defense Presentation: