A Survey of Network Requirements for Enabling Effective Cyber Deception

Md Abu Sayed, Moqsadur Rahman, Mohammad Ariful Islam Khan, Deepak Tosh

TL;DR

The paper addresses securing increasingly dynamic networks against sophisticated threats such as APTs and large-scale DDoS by surveying SDN-enabled cyber deception methods, including moving target defense, reconnaissance invalidation, network virtualization, and token-based filtering. It consolidates frameworks, evaluation methodologies, and open challenges, emphasizing the need for scalable, adaptive deception that accounts for intelligent attackers and real-world usability. Key contributions include a taxonomy of deception techniques, an analysis of SDN-based frameworks, and guidance on evaluation metrics and future directions, including integration with machine learning and game-theoretic analysis. The work provides a practical reference for designing robust, adaptable cyber deception strategies in programmable networks, with implications for defense planning and policy.

Abstract

In the evolving landscape of cybersecurity, the utilization of cyber deception has gained prominence as a proactive defense strategy against sophisticated attacks. This paper presents a comprehensive survey that investigates the crucial network requirements essential for the successful implementation of effective cyber deception techniques. With a focus on diverse network architectures and topologies, we delve into the intricate relationship between network characteristics and the deployment of deception mechanisms. This survey provides an in-depth analysis of prevailing cyber deception frameworks, highlighting their strengths and limitations in meeting the requirements for optimal efficacy. By synthesizing insights from both theoretical and practical perspectives, we contribute to a comprehensive understanding of the network prerequisites crucial for enabling robust and adaptable cyber deception strategies.

Paper Structure (17 sections, 8 figures)

This paper contains 17 sections, 8 figures.

Figures (8)

  • Figure 1: The proposed SDN-based MTD modules [aydeger2016mitigating]
  • Figure 2: HoneyMix Architecture [han2016honeymix]
  • Figure 3: Illustration of the proposed Dolus system [neupane2018dolus]
  • Figure 4: Host 1’s Network View [chiang2016acyds]
  • Figure 5: Overview of HoneyRoles [anjum2021role]
  • ...and 3 more figures