Cyber deception is a defensive technique that involves the deployment of decoys (such as artifacts, configurations, or scenarios) with which an attacker can interact unknowingly. These interactions reveal pertinent information about the attacker's Tactics, Techniques, and Procedures (TTPs), granting the defender a strategic advantage and a valuable source of data for cyber threat intelligence.
Our focus:
- Exploration of relevant scenarios and requirements for the application of cyber deception
- Formalisation and implementation of optimal and sub-optimal algorithms for the selection of the most appropriate decoys to deploy
- Development of automated and cloud-native cyber deception tools
Selected publications
We recently started this research area and have no published papers yet. However, please have a look at our first work, "Resource-aware Cyber Deception in Cloud-Native Environments", currently under review. We will also soon publish our proof-of-concept tool for cyber deception.