An Active Deception Defense Model Based on Address Mutation and Fingerprint Camouflage

The static and predictable characteristics of cyber systems give attackers an asymmetric advantage in gathering useful information and launching attacks.To reverse this asymmetric advantage,a new defense idea,called Moving Target Defense(MTD),has been proposed to provide additional selectable measures to complement traditional defense.However,MTD is unable to defeat the sophisticated attacker with fingerprint tracking ability.To overcome this limitation,we go one step beyond and show that the combination of MTD and Deception-based Cyber Defense(DCD)can achieve higher performance than either of them.In particular,we first introduce and formalize a novel attacker model named Scan and Foothold Attack(SFA)based on cyber kill chain.Afterwards,we develop probabilistic models for SFA defenses to provide a deeper analysis of the theoretical effect under different defense strategies.These models quantify attack success probability and the probability that the attacker will be deceived under various conditions,such as the size of address space,and the number of hosts,attack analysis time.Finally,the experimental results show that the actual defense effect of each strategy almost perfectly follows its probabilistic model.Also,the defense strategy of combining address mutation and fingerprint camouflage can achieve a better defense effect than the single address mutation.

Distributed Fault Estimation for Nonlinear Systems With Sensor Saturation and Deception Attacks Using Stochastic Communication Protocols

This paper is aimed at the distributed fault estimation issue associated with the potential loss of actuator efficiency for a type of discrete-time nonlinear systems with sensor saturation.For the distributed estimation structure under consideration,an estimation center is not necessary,and the estimator derives its information from itself and neighboring nodes,which fuses the state vector and the measurement vector.In an effort to cut down data conflicts in communication networks,the stochastic communication protocol(SCP)is employed so that the output signals from sensors can be selected.Additionally,a recursive security estimator scheme is created since attackers randomly inject malicious signals into the selected data.On this basis,sufficient conditions for a fault estimator with less conservatism are presented which ensure an upper bound of the estimation error covariance and the mean-square exponential boundedness of the estimating error.Finally,a numerical example is used to show the reliability and effectiveness of the considered distributed estimation algorithm.

Video-Based Deception Detection with Non-Contact Heart Rate Monitoring and Multi-Modal Feature Selection

Deception detection plays a crucial role in criminal investigation.Videos contain a wealth of information regarding apparent and physiological changes in individuals,and thus can serve as an effective means of deception detection.In this paper,we investigate video-based deception detection considering both apparent visual features such as eye gaze,head pose and facial action unit(AU),and non-contact heart rate detected by remote photoplethysmography(rPPG)technique.Multiple wrapper-based feature selection methods combined with the K-nearest neighbor(KNN)and support vector machine(SVM)classifiers are employed to screen the most effective features for deception detection.We evaluate the performance of the proposed method on both a self-collected physiological-assisted visual deception detection(PV3D)dataset and a public bag-oflies(BOL)dataset.Experimental results demonstrate that the SVM classifier with symbiotic organisms search(SOS)feature selection yields the best overall performance,with an area under the curve(AUC)of 83.27%and accuracy(ACC)of 83.33%for PV3D,and an AUC of 71.18%and ACC of 70.33%for BOL.This demonstrates the stability and effectiveness of the proposed method in video-based deception detection tasks.

Cyber Deception Using NLP

Cyber security addresses the protection of information systems in cyberspace. These systems face multiple attacks on a daily basis, with the level of complication getting increasingly challenging. Despite the existence of multiple solutions, attackers are still quite successful at identifying vulnerabilities to exploit. This is why cyber deception is increasingly being used to divert attackers’ attention and, therefore, enhance the security of information systems. To be effective, deception environments need fake data. This is where Natural Language (NLP) Processing comes in. Many cyber security models have used NLP for vulnerability detection in information systems, email classification, fake citation detection, and many others. Although it is used for text generation, existing models seem to be unsuitable for data generation in a deception environment. Our goal is to use text generation in NLP to generate data in the deception context that will be used to build multi-level deception in information systems. Our model consists of three (3) components, including the connection component, the deception component, composed of several states in which an attacker may be, depending on whether he is malicious or not, and the text generation component. The text generation component considers as input the real data of the information system and allows the production of several texts as output, which are usable at different deception levels.

Hybrid Metaheuristics with Deep Learning Enabled Automated Deception Detection and Classification of Facial Expressions

Automatic deception recognition has received considerable atten-tion from the machine learning community due to recent research on its vast application to social media,interviews,law enforcement,and the mil-itary.Video analysis-based techniques for automated deception detection have received increasing interest.This study develops a new self-adaptive population-based firefly algorithm with a deep learning-enabled automated deception detection(SAPFF-DLADD)model for analyzing facial cues.Ini-tially,the input video is separated into a set of video frames.Then,the SAPFF-DLADD model applies the MobileNet-based feature extractor to produce a useful set of features.The long short-term memory(LSTM)model is exploited for deception detection and classification.In the final stage,the SAPFF technique is applied to optimally alter the hyperparameter values of the LSTM model,showing the novelty of the work.The experimental validation of the SAPFF-DLADD model is tested using the Miami University Deception Detection Database(MU3D),a database comprised of two classes,namely,truth and deception.An extensive comparative analysis reported a better performance of the SAPFF-DLADD model compared to recent approaches,with a higher accuracy of 99%.

Cutting Edge Trends in Deception Based Intrusion Detection Systems—A Survey

Cyber criminals have become a formidable treat in today’s world. This present reality has placed cloud computing platforms under constant treats of cyber-attacks at all levels, with an ever-evolving treat landscape. It has been observed that the number of threats faced in cloud computing is rising exponentially mainly due to its widespread adoption, rapid expansion and a vast attack surface. One of the front-line tools employed in defense against cyber-attacks is the Intrusion Detection Systems (IDSs). In recent times, an increasing number of researchers and cyber security practitioners alike have advocated the use of deception-based techniques in IDS and other cyber security defenses as against the use of traditional methods. This paper presents an extensive overview of the deception technology environment, as well as a review of current trends and implementation models in deception-based Intrusion Detection Systems. Issues mitigating the implementation of deception based cyber security defenses are also investigated.

Secure Impulsive Synchronization in Lipschitz-Type Multi-Agent Systems Subject to Deception Attacks

Cyber attacks pose severe threats on synchronization of multi-agent systems.Deception attack,as a typical type of cyber attack,can bypass the surveillance of the attack detection mechanism silently,resulting in a heavy loss.Therefore,the problem of mean-square bounded synchronization in multi-agent systems subject to deception attacks is investigated in this paper.The control signals can be replaced with false data from controllerto-actuator channels or the controller.The success of the attack is measured through a stochastic variable.A distributed impulsive controller using a pinning strategy is redesigned,which ensures that mean-square bounded synchronization is achieved in the presence of deception attacks.Some sufficient conditions are derived,in which upper bounds of the synchronization error are given.Finally,two numerical simulations with symmetric and asymmetric network topologies are given to illustrate the theoretical results.

Genome of a thermophilic bacterium Geobacillus sp. TFV3 from Deception Island, Antarctica

Thermophilic microorganisms have always been an important part of the ecosystem,particularly in a hot environment,as they play a key role in nutrient recycling at high temperatures where most microorganisms cannot cope.While most of the thermophiles are archaea,thermophiles can also be found among some species of bacteria.These bacteria are very useful in the fundamental study of heat adaptation,and they are also important as potential sources of thermostable enzymes and metabolites.Recently,we have isolated a Gram-positive thermophilic bacterium,Geobacillus sp.TFV3 from a volcanic soil sample from Deception Island,Antarctica.This project was undertaken to analyze the genes of this thermophilic Antarctic bacterium and to determine the presence of thermal-stress adaptation proteins in its genome.The genome of Geobacillus sp.TFV3 was first purified,sequenced,assembled,and annotated.The complete genome was found to harbor genes encoding for useful thermal-stress adaptation proteins.The majority of these proteins were categorized under the family of molecular chaperone and heat shock protein.This genomic information could eventually provide insights on how the bacterium adapts itself towards high growth temperatures.

High-Frequency Trading:Deception and Consequences

This commentary is based on the work of Cooper,Davis,and Van Vliet(2016)and the commentary focuses on what problem high-frequency trading poses.It lists key literature on high-frequency trading that is missing and points out that the poker analogy to defend deception in financial markets is weak and misleading.The article elaborates on the negative impact created by spoofing and quote stuffing,the two typical deceptive practices used by high-frequency traders.The recent regulations regarding high-frequency trading,in response to the“Flash Crash”of 2010,are preventive,computerized and more effective.They reflect ethical requirements to maintain fair and stable financial markets.

A Reflection on The Icarus Deception—How High Will You Fly Translation Practice

This thesis is based on the author's experience of English to Chinese translation practice of two parts of The Icarus Deception—How High Will You Fly which is an economic motivation book by American best selling author Seth Godin published by Penguin Books Ltd Dec, 2012. The thesis is a reflection about the process of translation, from the perspectives of lexical, sentence structure, discourse and the understanding of the source text etc.

Alicyclobacillus sp. strain CC2, a thermo-acidophilic bacterium isolated from Deception Island(Antarctica) containing a thermostable superoxide dismutase enzyme

A gram-positive, rod-shaped, aerobic, thermo-acidophilic bacterium CC2 （optimal temperature 55℃ and pH 4.0）, belonging to the genus Alicyclobacillus was isolated from geothermal soil collected from ＂Cerro Caliente＂, Deception Island, Antarctica. Owing to the harsh environmental conditions found in this territory, microorganisms are exposed to conditions that trigger the generation of reactive oxygen species （ROS）. They must have an effective antioxidant defense system to deal with this oxidative stress. We focused on one of the most important enzymes： superoxide dismutase, which was partially purified and characterized. This study presents the first report of a thermo-acidophilic bacterium isolated from Deception lsland with a thermostable superoxide dismutase （SOD）.

A NEW DYNAMIC DEFENSE MODEL BASED ON ACTIVE DECEPTION

Aiming at the traditional passive deception models,this paper constructs a Decoy Platform based on Intelligent Agent(DPIA) to realize dynamic defense.The paper explores a new dynamic defense model based on active deception,introduces its architecture,and expatiates on communication methods and security guarantee in information transference.Simulation results show that the DPIA can attract hacker agility and activity,lead abnormal traffic into it,distribute a large number of attack data,and ensure real network security.

Memory-based adaptive event-triggered secure control of Markovian jumping neural networks suffering from deception attacks

In this article,we study the secure control of the Markovian jumping neural networks(MJNNs)subject to deception attacks.Considering the limitation of the network bandwidth and the impact of the deception attacks,we propose two memory-based adaptive event-trigger mechanisms(AETMs).Different from the available event-trigger mechanisms,these two memory-based AETMs contain the historical triggered data not only in the triggering conditions,but also in the adaptive law.They can adjust the data transmission rate adaptively so as to alleviate the impact of deception attacks on the controlled system and to suppress the peak of the system response.In view of the proposed memory-based AETMs,a time-dependent Lyapunov functional is constructed to analyze the stability of the error system.Some sufficient conditions to ensure the asymptotical synchronization of master-slave MJNNs are obtained,and two easy-to-implement co-design algorithms for the feedback gain matrix and the trigger matrix are given.Finally,a numerical example is given to verify the feasibility and superiority of the two memory-based AETMs.

Self-deception can evolve under appropriate costs

Apparent biases in decision making by animals, including humans, seem to present an evolutionary puzzle, since one would expect decisions based on biased （unrealistic） information to be suboptimal. Although cognitive biases are hard to diag- nose in real animals （Marshall et al., 2013b）, we investigate Trivers＇ proposal that individuals should self-deceive first in order to better deceive others （Trivers, 2011）. Although this proposal has been scrutinized extensively （Bandura et al., 2011） it has not been formally modelled. We present the first model designed to investigate Trivers＇ proposal. We introduce an extension to a re- cent model of the evolution of self-deception （Johnson and Fowler, 2011）. In the extended model individuals make decisions by taking directly into account the benefits and costs of each outcome and by choosing the course of action that can be estimated as the best with the information available. It is shown that in certain circumstances self-deceiving decision-makers are the most evolutionarily successful, even when there is no deception between these. In a further extension of this model individuals addi- tionally exhibit deception biases and Trivers＇ premise （that effective deception is less physiologically costly with the aid of self-deception） is incorporated. It is shown that under Trivers＇ hypothesis natural selection favors individuals that self-deceive as they deceive others .

CORMAND2--针对工业机器人的欺骗攻击

Industrial robots are becoming increasingly vulnerable to cyber incidents and attacks,particularly with the dawn of the Industrial Internet-of-Things(IIoT).To gain a comprehensive understanding of these cyber risks,vulnerabilities of industrial robots were analyzed empirically,using more than three million communication packets collected with testbeds of two ABB IRB120 robots and five other robots from various original equipment manufacturers(OEMs).This analysis,guided by the confidentiality-integrity-availability(CIA)triad,uncovers robot vulnerabilities in three dimensions:confidentiality,integrity,and availability.These vulnerabilities were used to design Covering Robot Manipulation via Data Deception(CORMAND2),an automated cyber-physical attack against industrial robots.CORMAND2 manipulates robot operation while deceiving the Supervisory Control and Data Acquisition(SCADA)system that the robot is operating normally by modifying the robot’s movement data and data deception.CORMAND2 and its capability of degrading the manufacturing was validated experimentally using the aforementioned seven robots from six different OEMs.CORMAND2 unveils the limitations of existing anomaly detection systems,more specifically the assumption of the authenticity of SCADA-received movement data,to which we propose mitigations for.

Predatory pollinator deception： Does the orchid mantis resemble a model species？

Cases of imperfect or non-model mimicry are common in plants and animals and challenge intuitive assumptions about the nature of directional selection on mimics. Many non-rewarding flower species do not mimic a particular species, but at- tract pollinators through ＇generalised food deception＇. Some predatory animals also attract pollinators by resembling flowers, perhaps the most well known, yet least well understood, is the orchid mantis Hymenopus coronatus. This praying mantis has been hypothesised to mimic a flower corolla and we have previously shown that it attracts and captures pollinating insects as prey. Predatory pollinator deception is relatively unstudied and whether this occurs through model mimicry or generalised food decep- tion in the orchid mantis is unknown. To test whether the orchid mantis mimics a specific model flower species we investigated similarities between its morphology and that of flowers in its natural habitat in peninsular Malaysia. Geometric morphometrics were used to compare the shape of mantis femoral lobes to flower petals. Physiological vision models were used to compare the colour of mantises and flowers from the perspective of bees, flies and birds. We did not find strong evidence for a specific model flower species for the orchid mantis. The mantis＇ colour and shape varied within the range of that exhibited by many flower pet- als rather than resembling one type in particular. We suggest that the orchid mantis resembles an average, or generalised flower-like stimulus. Thus predatory pollinator deception in the orchid mantis is likely to function as a form of generalised food deception, as opposed to model mimicry .

Reconstruction of measurements in state estimation strategy against deception attacks for cyber physical systems

Without the known state equation, a new state estimation strategy is designed to be against malicious attacks for cyber physical systems. Inspired by the idea of data reconstruction, the compressive sensing （CS） is applied to reconstruction of residual measurements after the detection and identification scheme based on the Markov graph of the system state, which increases the resilience of state estimation strategy against deception attacks. First, the observability analysis is introduced to decide the triggering time of the measurement reconstruction and the damage level from attacks. In particular, the dictionary learning is proposed to form the over-completed dictionary by K-singular value decomposition （K-SVD）, which is produced adaptively according to the characteristics of the measurement data. In addition, due to the irregularity of residual measurements, a sampling matrix is designed as the measurement matrix. Finally, the simulation experiments are performed on 6-bus power system. Results show that the reconstruction of measurements is completed well by the proposed reconstruction method, and the corresponding effects are better than reconstruction scheme based on the joint dictionary and the traditional Gauss or Bernoulli random matrix respectively. Especially, when only 29% available clean measurements are left, performance of the proposed strategy is still extraordinary, which reflects generality for five kinds of recovery algorithms.

Sexual deception： Coevolution or inescapable exploitation？

Sexual deception involves the mimicry of another species＇ sexual signals in order to exploit behavioural routines linked to those signals. Known sexually deceptive systems use visual, acoustic or olfactory mimicry to exploit insects for preda- tion, cleptoparasitism and pollination. It is predicted that where sexual deception inflicts a cost on the receiver, a coevolutionary arms race could result in the evolution of discriminating receivers and increasingly refined mimicry. We constructed a conceptual model to understand the importance of trade-offs in the coevolution of sexually deceptive mimic and receiver. Four components examined were： the cost of mimicry, the cost to receiver for being fooled, the density of mimics and the relative magnitude of a mimicry-independent component of fitness. The model predicts that the exploitation of non-discriminating receivers by accurate signal mimicry will evolve as an evolutionary stable strategy under a wide range of the parameter space explored. This is due to the difficulty in minimising the costs of being fooled without incurring the cost of falsely rejecting real mating opportunities. In the model, the evolution of deception is impeded when mimicry imposes substantial costs for both sides of the arms race. Olfac- tory signals that are potentially cheap to produce are therefore likely to be more vulnerable to exploitation than expensive visual ornaments

Is Deception Acceptable to Save a Life?

In March 2011,Xie Sanxiu,a rural woman from Hubei Province,fell to her knees and walked on them in Guangzhou,capital city of Guangdong Province,hugging her ill daughter and begging for money.

Evolutionary implications of deception in mimicry and masquerade

Aggressive mimicry occurs when an organism resembles some aspect of another organism （the model） in order to obtain prey through its deceptive resemblance. This may function either through the overt response of the receiver or through the lack of response of the receiver. Reviewing selected examples, I discuss some of the difficulties in ascribing a model for the mimic. I also discuss how a single animal can have multiple ploys in its armoury of deceptive signals, thus belonging within two or more categories of deceptive signalling. In addition to aggressive mimicry, these may include crypsis or camouflage, mas- querade （mimicry of inanimate objects）, and Batesian or protective mimicry. Each of these examples of deception has multiple evolutionary pathways, and some deceptive signals may be more costly to receivers than others, but no single organism is subject to a single selection pressure, leading to the reality that many evolutionary pathways contribute to the diversity we see around us. New technologies are opening new channels of investigation into deceptive signaling in many different sensory modalities, and this is reflected in the recent increase in studies investigating the structure and function of deceptive signals. In turn, these studies are beginning to expose the fascinating complexity of deceptive signaling systems, allowing us to discover the myriad, non-mutually exclusive, solutions that can be selected for to obtain prey