The talk begins with introduction to deception technology, deception types and methods, deceptive security life cycle. In this talk, we will demonstrate the following deception tools implemented using python language:
• WebTrap (https://github.com/IllusiveNetworks-Labs/WebTrap): is designed to create deceptive webpages to deceive and redirect attackers away from real websites. The deceptive webpages are generated by cloning real websites, specifically their login pages.
• DemonHunter (https://github.com/RevengeComing/DemonHunter): is a distributed low interaction honeypot with Agent/Master design
Finally, we will conclude the talk with how built a deception tool and demonstrate its working. We will demonstrate how our count-based validation technique combined with the LSTM machine learning algorithm was used to protect from XPath injection attacks. We will also demonstrate how deceiving attackers can be an effective strategy in protecting resources.