journal article Open Access Jun 15, 2023

Does subnetting and port hardening influence human adversarial decisions? An investigation via a HackIT tool

DOI: 10.3389/fdata.2023.988007
Abstract
Prior research in cyber deception has investigated the effectiveness of the timing of deception on human decisions using simulation tools. However, there exists a gap in the literature on how the availability of subnets and port-hardening influence human decisions to attack a system. We tested the influence of subnets and port-hardening on human attack decisions in a simulated environment using the HackIT tool. Availability of subnets (present/absent) within a network and port-hardening (easy-to-attack/hard-to-attack) were varied across four between-subject conditions (N = 30 in each condition): with-subnet with easy-to-attack, with-subnet with hard-to-attack, without-subnet with easy-to-attack, and without-subnet with hard-to-attack. In with-subnet conditions, 40 systems were connected in a hybrid topology network with ten subnets connected linearly, and each subnet contained four connected systems. In without-subnet conditions, all 40 systems were connected in a bus topology. In hard-to-attack conditions, the probability of successfully attacking real systems was kept low and the probability of successfully attacking honeypots was kept high; in easy-to-attack conditions, these were reversed. In the experiment, human participants were randomly assigned to one of the four conditions and asked to attack as many real systems as possible and steal credit card information. Results revealed a significant decrease in the proportion of real system attacks when subnetting and port hardening were available within the network. Also, more honeypots were attacked in with-subnet conditions than in without-subnet conditions. Moreover, a significantly lower proportion of real systems were attacked in the port-hardened condition. This research highlights the implications of subnetting and port-hardening with honeypots to reduce real system attacks. These findings are relevant in developing advanced intrusion detection systems trained on hackers' behavior.
Cite This Article
Shashank Uttrani, Palvi Aggarwal, Varun Dutt (2023). Does subnetting and port hardening influence human adversarial decisions? An investigation via a HackIT tool. Frontiers in Big Data, 6. https://doi.org/10.3389/fdata.2023.988007