What if we could change the battle arena of cyber security so that we, as defenders, would no longer be the underdogs? What if an adversary needed to make only one mistake to get caught, instead of needing to find only one exploitable vulnerability to get in? What if someone breaches your worker system and starts lateral movement - can you detect that? What if your security operations center could get alerts with zero false positives? What if the adversaries could not find the targets they want on your compromised systems?
Cyber deception is a category of cyber security defense that answers these questions. Deception techniques can be used to prevent, detect and analyze attacks, and to respond to them. Successful deception techniques scare the adversaries away to easier targets, frustrate them into making mistakes, or at least keep them away from your most important resources long enough.
Key learning objectives
- The idea of cyber deception
- A few examples of cyber deception techniques
- The main challenges
- Basic Operational Security (OPSEC) for the presented cyber deception techniques
Keywords: Cyber defense, cyber deception, tricks, traps, decoys, cheating, honeystuff
Pasi Ahonen, Principal Scientist
After his Ph.Lic. degree in industrial physics, Pasi Ahonen acquired 10 years of industrial experience in various R&D topics, including telecommunication systems, IP network information security, lawful interception methods, security key management techniques, VPN techniques and embedded system security analysis, and developed 13 international patent application families for his employer. At VTT, he then practiced information security assurance as a team leader, e.g. for smart electric grids & active demand. Since 2007, he has been focusing on industrial automation security by leading and executing numerous cyber security commissioning projects for the industry and the National Emergency Supply Agency (NESA).
Teemu Väisänen, MSc, is fighting in the cyber security arena as a research scientist in the Cyber Security team of VTT Technical Research Centre of Finland Ltd. His weapons are years of experience from various domains, giving a good overview of the battle arena, and an ability to break things – at least accidentally.