D3O — DECEPTION FRAMEWORK

Singapore Polytechnic (SP)
Diploma in Infocomm Security Management (DISM) 
Final Year Project

Project Completed 2018

ABSTRACT

Many existing incident management frameworks do not address removing threats coming from persistent adversaries. They also generally do not cover detecting and learning from an unknown adversary’s tactics or techniques. This results in a whack-a-mole situation.


With that in mind, the purpose of this project is to develop a framework that guides users on ways and means of deception, or steps that can be taken to manipulate adversaries into entering a honeypot and prevent extensive damage from being done to actual production systems. This way, the user can learn information about the adversary and the tactics or techniques they use, while at the same time keeping real danger away from the production system/network.


The team came up with a framework called D3O. Unlike a conventional incident management framework, it aims to provide users with the means of deception within an incident management framework. The framework focuses on 4 cores: Detection, Decision, Deception and Observation. Each of these cores provides a foundation for the framework and unique support to the purpose of this project. In addition, the team built a proof of concept to evaluate the feasibility of the framework.

 

PROJECT TEAM

EMIL TAN

Project Supervisor
(The Honeynet Project, Singapore Chapter)

HO CHEE MENG

Project Supervisor
(SP, DISM)

TENG YAN HAO

Student
(SP, DISM)

CHUA YI XUAN

Student
(SP, DISM)

ONG CHEE XIAN

Student
(SP, DISM)

CHEN YAN JIUN

Student
(SP, DISM)

YAP BING XUN

Student
(SP, DISM)

 


All rights reserved.

Division Zero (Div0) © 2017-2020.

Edgis © 2011-2017.