{"id":"https://openalex.org/W3048161450","doi":"https://doi.org/10.1109/cns48642.2020.9162298","title":"A Quantitative Framework to Model Reconnaissance by Stealthy Attackers and Support Deception-Based Defenses","display_name":"A Quantitative Framework to Model Reconnaissance by Stealthy Attackers and Support Deception-Based Defenses","publication_year":2020,"publication_date":"2020-06-01","ids":{"openalex":"https://openalex.org/W3048161450","doi":"https://doi.org/10.1109/cns48642.2020.9162298","mag":"3048161450"},"language":"en","primary_location":{"id":"doi:10.1109/cns48642.2020.9162298","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns48642.2020.9162298","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5012569297","display_name":"Luan Huy Pham","orcid":null},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Luan Huy Pham","raw_affiliation_strings":["George Mason University, Fairfax, VA, USA"],"affiliations":[{"raw_affiliation_string":"George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066709657","display_name":"Massimiliano Albanese","orcid":"https://orcid.org/0000-0002-2675-5810"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Massimiliano Albanese","raw_affiliation_strings":["George Mason University, Fairfax, VA, USA"],"affiliations":[{"raw_affiliation_string":"George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103911831","display_name":"Ritu Chadha","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ritu Chadha","raw_affiliation_strings":["Perspecta Labs, Basking Ridge, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Perspecta Labs, Basking Ridge, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110132499","display_name":"Cho\u2010Yu Jason Chiang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Cho-Yu J. Chiang","raw_affiliation_strings":["Perspecta Labs, Basking Ridge, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Perspecta Labs, Basking Ridge, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109412228","display_name":"Sridhar Venkatesan","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sridhar Venkatesan","raw_affiliation_strings":["Perspecta Labs, Basking Ridge, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Perspecta Labs, Basking Ridge, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090126029","display_name":"Charles Kamhoua","orcid":"https://orcid.org/0000-0003-2169-5975"},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Charles Kamhoua","raw_affiliation_strings":["US CCDC Army Research Laboratory, Adelphi, MD, USA"],"affiliations":[{"raw_affiliation_string":"US CCDC Army Research Laboratory, Adelphi, MD, USA","institution_ids":["https://openalex.org/I166416128"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5075553610","display_name":"Nandi Leslie","orcid":null},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nandi Leslie","raw_affiliation_strings":["US CCDC Army Research Laboratory, Adelphi, MD, USA"],"affiliations":[{"raw_affiliation_string":"US CCDC Army Research Laboratory, Adelphi, MD, USA","institution_ids":["https://openalex.org/I166416128"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5012569297"],"corresponding_institution_ids":["https://openalex.org/I162714631"],"apc_list":null,"apc_paid":null,"fwci":1.0792,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.79367531,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"9"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/testbed","display_name":"Testbed","score":0.8624589443206787},{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.8411884307861328},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.7917413711547852},{"id":"https://openalex.org/keywords/deception","display_name":"Deception","score":0.7901357412338257},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7723174095153809},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.713775634765625},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.7130814790725708},{"id":"https://openalex.org/keywords/adversary-model","display_name":"Adversary model","score":0.5463233590126038},{"id":"https://openalex.org/keywords/perspective","display_name":"Perspective (graphical)","score":0.4439217448234558},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.15537595748901367},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.12700513005256653}],"concepts":[{"id":"https://openalex.org/C31395832","wikidata":"https://www.wikidata.org/wiki/Q1318674","display_name":"Testbed","level":2,"score":0.8624589443206787},{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.8411884307861328},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.7917413711547852},{"id":"https://openalex.org/C2779267917","wikidata":"https://www.wikidata.org/wiki/Q170028","display_name":"Deception","level":2,"score":0.7901357412338257},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7723174095153809},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.713775634765625},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.7130814790725708},{"id":"https://openalex.org/C7606001","wikidata":"https://www.wikidata.org/wiki/Q4686702","display_name":"Adversary model","level":3,"score":0.5463233590126038},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.4439217448234558},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.15537595748901367},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.12700513005256653},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/cns48642.2020.9162298","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns48642.2020.9162298","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W433644524","https://openalex.org/W1991210879","https://openalex.org/W2051968851","https://openalex.org/W2129586531","https://openalex.org/W2142755671","https://openalex.org/W2177058407","https://openalex.org/W2397065307","https://openalex.org/W2527763218","https://openalex.org/W2564269296","https://openalex.org/W2565020460","https://openalex.org/W2586974575","https://openalex.org/W2748696935","https://openalex.org/W2765103943","https://openalex.org/W2887813238","https://openalex.org/W2906747544","https://openalex.org/W2906998334","https://openalex.org/W3159998597","https://openalex.org/W6712631520","https://openalex.org/W6753757022"],"related_works":["https://openalex.org/W2350724208","https://openalex.org/W2000018903","https://openalex.org/W3142690625","https://openalex.org/W1534090575","https://openalex.org/W2360866534","https://openalex.org/W2372392697","https://openalex.org/W4312961703","https://openalex.org/W2362932354","https://openalex.org/W2391396896","https://openalex.org/W2998623387"],"abstract_inverted_index":{"In":[0],"recent":[1],"years,":[2],"persistent":[3],"cyber":[4],"adversaries":[5,15,81,150],"have":[6,16],"developed":[7],"increasingly":[8],"sophisticated":[9],"techniques":[10],"to":[11,45,76,145],"evade":[12],"detection.":[13],"Once":[14],"established":[17],"a":[18,42,73],"foothold":[19,93],"within":[20,94],"the":[21,56,85,95,100,105,123,132,147],"target":[22,86,114],"network,":[23],"using":[24],"seemingly-limited":[25],"passive":[26],"reconnaissance":[27,34,58],"techniques,":[28],"they":[29],"can":[30,130],"develop":[31],"significant":[32],"network":[33,87],"capabilities.":[35],"Cyber":[36],"deception":[37],"has":[38],"been":[39],"recognized":[40],"as":[41,144],"critical":[43,156],"capability":[44],"defend":[46],"against":[47,64],"such":[48],"adversaries,":[49],"but,":[50],"without":[51],"an":[52],"accurate":[53],"model":[54,75,98,119],"of":[55,108,136,149],"adversary\u2019s":[57,106],"behavior,":[59],"current":[60],"approaches":[61],"are":[62],"ineffective":[63],"advanced":[65],"adversaries.":[66],"To":[67],"address":[68],"this":[69],"gap,":[70],"we":[71],"propose":[72],"novel":[74],"capture":[77],"how":[78,128],"advanced,":[79],"stealthy":[80],"acquire":[82],"knowledge":[83],"about":[84],"and":[88,90,102,110,126,134,151],"establish":[89],"expand":[91],"their":[92],"system.":[96],"This":[97],"quantifies":[99],"cost":[101],"reward,":[103],"from":[104,155],"perspective,":[107],"compromising":[109],"maintaining":[111],"control":[112],"over":[113],"nodes.":[115],"We":[116],"evaluate":[117],"our":[118],"through":[120],"simulations":[121],"in":[122],"CyberVAN":[124],"testbed,":[125],"indicate":[127],"it":[129],"guide":[131],"development":[133],"deployment":[135],"future":[137],"defensive":[138],"capabilities,":[139],"including":[140],"high-interaction":[141],"honeypots,":[142],"so":[143],"influence":[146],"behavior":[148],"steer":[152],"them":[153],"away":[154],"resources.":[157]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}