Deception for the Cyber Defender: To Err is Human; to Deceive, Divine

Presented at ShmooCon XI (2015), Unknown date/time (Unknown duration)

Since the first conflict between man, deception has played an integral role. Today on the network battlefield attackers enjoy many advantages and frequently employ deception as a powerful tool to accomplish their objectives. In this talk we discuss how to turn the tables on the attacker and employ deception strategies that deceive both human attackers and the code they employ to best defend your assets. This talk isn't about social engineering or honeypots, but instead carefully analyzes dozens of deception techniques and how they can be woven together into a deception strategy that increases your defensive posture. We do so by mapping traditional and well-developed military battlefield deception techniques and principles onto the cyber domain. We'll intersperse historical examples from military deception operations as well as provide new concepts for deception on the geographic, physical (OSI Layer 1), Logical (OSI Layer 2-7), persona, and supervisory planes that comprise the operational cyber environment. You'll leave this talk inspired and armed to better defend your networks, systems, and people while forcing your attackers off balance.

Presenters:

  • Greg Conti as Gregory Conti
    Greg Conti is Director of the Army Cyber Institute at West Point. He has spoken at Black Hat, DEFCON, ShmooCon, and RSA.
  • David Raymond
    David Raymond is an Associate Professor at West Point where he teaches cybersecurity and coaches the CTF Team. He is an Army officer with a unique mix of experience in armored maneuver warfare and Army automation.
  • Tom Cross / Decius as Tom Cross
    Tom Cross is CTO at Drawbridge Networks. Previously he was the Director of StealthWatch Labs at Lancope and manager of X­Force Research at IBM/ISS. He has spoken at numerous security conferences, including Black Hat, DEFCON, CyCon, HOPE and RSA.