Apate: defending legacy and modern networks with cyber-deception

Navn på bevillingshaver

Emmanouil Vasilomanolakis

Titel

Associate Professor

Institution

Technical University of Denmark

Beløb

DKK 5,000,000

År

2023

Bevillingstype

Semper Ardens: Accelerate

Hvad?

Traditional cyber-security has been protecting networks mainly by building sophisticated "walls". However, experience shows that advanced attacks can still go through, especially when conducted against old, but critical, systems (e.g. an old power plant). Cyber-deception has emerged as a field of cyber-security that aims at deceiving attackers by trapping them in never-ending pursues.

Hvorfor?

The idea of tricking attackers through deception shows great potential not only because of technical reasons such as creating early warning systems and reducing the attack surface. Recent findings from the field of cyber-psychology suggest that a.) human attackers have bias in their attack decisions and b.) knowledge that deception exists can alter their strategy. This can be used against them.

Hvordan?

With Apate, the goddess of deception in ancient Greece, we propose the novel concept of gentle deception to protect old legacy systems. These deception traps are of low communication overhead and do not overwhelm the system they are protecting. Moreover, Apate utilizes theories from cyber-psychology by creating deception that takes into account human cognition aspects of attackers.

Tilbage til oversigtssiden