Deception enables a more proactive security act. Deception aims to avoid a cybercriminal that has managed to penetrate a network from doing any huge damage. It offers a more accurate and quicker detection of attackers. It creates no false positives. Honeypots were the first simple form of deception. It is intended to detect existing intrusions and return that breach intelligence directly to the network’s security team. Any other cybersecurity sends a huge amount of alerts for being attacked each alert need to solve specifically but a maximum of them are false positives this is too time-consuming and required more and more employees. So all we need to reduce the false positives alerts but that increases the possibility of false negatives. The potential for false negatives is more effective than false positives, to detect this kind of threads we need to use the Deception Technology. There are two types of Deception Technology described below.
- Active Deception: Active Deception will provide inaccurate information intentionally to the subjects (intruders or hackers) to fall for the trap.
- Passive Deception: Passive Deception will provide incomplete information, o the other half of information. Intruders will try to gain all the inforamtion and the fall for the trap.
Evolution of Deception Technology:
Working Principle of Deception Technology:
The Deception Technology is for MILDEC or military deception. The Deception Technology’s working principle is much simpler to understand, a false decoy network will run on-existing infrastructure, but not visible by genuine staff. When any hacker or intruder visits that infrastructure they will be able to see the decoy as an opportunity to hack the infrastructure and they will fall for that.
The decoy for the intruder must be simple, so the intruder can easily break through the guard and fall for the trap. The decoy should behave like important information or data for the organization only then the attacker will penetrate the security. The setup of Deception Technology should not be distinguishable by the intruders. Set-up is best done automatically by a system that maps the real network which defines the content and positioning of decoys.
Deception Technology applicable methods:
- Piggybacking: Piggybacking happens when criminal labels along with an authorized person to gain entry into a protected location or a limited region. Unsecured wireless networks can be piggybacked.
- Impersonation: Criminals can undermine the reliability of individuals by using the website and social media posts. Impersonation is the act of pretending as another person with the objective of acquiring data of an individual, organization, and so forth.
- Web-based Deception: Sending hoax emails, jokes, movies, and non-business related emails at work may violate the organization’s acceptable use policy and result in disciplinary activities.
- Shoulder Surfing: Shoulder surfing means acquiring personal data through direct observation. An attacker can use binoculars or circuit cameras for shoulder surfing. The most commonly stolen data through shoulder surfing includes credit card numbers, PINs, access codes, and so on.
- Hoaxes: A hoax is an act intended to deceive. A hoax can cause just the same amount of disturbance as an actual breach would cause. The response can make unnecessary fear and unreasonable behavior. Clients pass hoaxes through email and online networking. A hoax evokes a client response.
Importance of Deception Technology: Deception Technology depends upon recognition of presence rather than known signatures. It will identify all types of intrusion and intruder whether that is a cybercriminal, a contractor doing more than the agreement specifies, or an employee seeking information on an upcoming merger.
- Digital Smell Technology- An Underrated Technology
- Self-Driving Car Technology
- Big Data as a Technology
- Advancement in Technology of 5G
- What is Wearable Technology
- Introduction to Blockchain technology | Set 2
- What is 5G Wireless Technology and How it Works?
- Night Vision Technology
- How to learn any technology inside out?
- Capacitive Touch Technology
- Introduction to Blockchain technology | Set 1
- Top 10 Technology Trends That You Can Learn in 2020
- Ethical Issues in Information Technology (IT)
- Neuralink - A Brain-Computer Interface Technology
- How to choose a Technology Stack for Web Application Development ?
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to email@example.com. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.