“Spoofing the Spoofers”
Communications of the ACM, November 10, 2020
Commissioned by CACM Staff
By Joe Dysart
“Essentially, the software enables a security professional or system administrator to study and react to, hacker activity with much greater sophistication…”
Researchers at various universities have come up with cybersecurity software that tricks hackers into revealing the tactics they use to penetrate and control computer systems. Instead of blocking hackers, the software ingeniously invites hackers in, routes them to a decoy Web site or network, and then studies their behavior as they reveal their nefarious methods.
For example, the DEEP-Dig ((DEcEPtion DIGging) software transforms hackers into “a source of free labor,” says Kevin Hamlen, a member of the research team and Eugene McDermott Professor of Computer Science professor at the University of Texas at Dallas.
The ploy of using decoy Web sites and decoy networks to trick hackers has been in use by security administrators since around the turn of the century, according to Richard Forno, a senior lecturer in the department of computer science and electrical engineering of the University of Maryland, Baltimore County (UMBC), and assistant director of the UMBC Center for Cybersecurity.
Approaches to the security deception method vary, but the principle behind them remains the same: enable a hacker to penetrate your network, then trick him or her into thinking they are working with your actual network or data when in fact they are really working with a dummy network or dummy data.
Often, security deception software creates emulations of the inner workings of entire networks or Web sites in an attempt to fool hackers.
The difference with DEEP-Dig’s approach to this principle is that it’s powered by a deep neural network. Essentially, the software enables a security professional or system administrator to study and react to, hacker activity with much greater sophistication, according to Reza Curtmola, a professor of computer science in the New Jersey Institute of Technology who specializes in cybersecurity.
Perhaps security deception software’s greatest potential pitfall is that no amount of AI-powered trickery will safeguard an organization if a network administrator fails to meet the basic requirements of cybersecurity…
About the Author:
Joe Dysart is an Internet speaker and business consultant based in Manhattan, NY, USA.