Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tangled Web: Using Deception in Defense

Published byClara McGee Modified over 6 years ago

Similar presentations

Presentation on theme: "Tangled Web: Using Deception in Defense"— Presentation transcript:

1 Tangled Web: Using Deception in Defense
1

2 Help | About 25+ years with a Fortune 50 (Opinions are my own...)
Developer - PL/1, C/C++, Smalltalk, Java, Python... Security secure coding, web app pentesting, consulting, architecture IANAL – I didn’t tell you to do it! 2

3 “In wartime, truth is so precious that she should always be attended by a bodyguard of lies.” Winston Churchill -- Sun Tzu – 500 BC “All warfare is based upon deception” Warfare: Strategy and tactics refined by military history and translated to cyber... Web sites can be globally targeted. Rule of Law not in force due to lack of legal authority & enforcement In 2016, Gartner predicted, By 2018, Gartner predicts that 10 percent of enterprises will use deception tools and tactics, and actively participate in deception operations against attackers. 3

4 Deception Goals Adversaries Disguise Distract Disturb
Defensive – Provoke an Action Detect Prevent Respond 4

5 Once upon a time Deception is story telling Know your adversary
Appear weak where strong Appear strong where weak 5

6 To tell the truth Facts: Revelations Concealment Fictions
Advertise your deception? 6

7 Attacker identification
Browser fingerprinting Tools, Techniques, Procedures (TTPs) Request & Response times Tracking interactions 7

8 Tailor responses (Human)
I see y’all! – Stop it! Entangle Slow down Break down Log out Block 8

9 Tailor Responses (Botnet)
CAPTCHA Entangle Slow down Break down Disinform Log out – NOT 9

10 Traps Decoys Tripwires Mazes Mantraps 10

11 Walk into my parlor robots.txt Admin = false Hidden field
encrypted=YWRtaW49ZmFsc2U= URL variable Cookies ProductID = 345 Clown Spider 11

12 Triggered Admin app Hardened server One-way trip
Secure (except for...) 12

13 Tarpit Blind SQL injection – forged data Noisy Slow Slower
Maze – http tarpit Other vulnerabilities that Consume resources Provides tracking 13

14 A good story Attracts attention to reveals
Deflects attention from conceals Confirms Red's expectations Keeps Red's interest Feedback Loop: monitor Red Team actions 14

15 Questions 15

Download ppt "Tangled Web: Using Deception in Defense"

Similar presentations

Webgoat.

Webgoat.
Escape From the Black Box Brian Chess Fortify Software Countering the faults of typical web scanners through bytecode injection.

Escape From the Black Box Brian Chess Fortify Software Countering the faults of typical web scanners through bytecode injection.
17 th ACM CCS (October, 2010).  Introduction  Threat Model  Cross-Origin CSS Attacks  Example Attacks  Defenses  Experiment  Related Work 2 A Presentation.

17 th ACM CCS (October, 2010).  Introduction  Threat Model  Cross-Origin CSS Attacks  Example Attacks  Defenses  Experiment  Related Work 2 A Presentation.
Attacking Authentication and Authorization CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University

Attacking Authentication and Authorization CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University
Gray, the New Black Gray-Box Web Vulnerability Testing Brian Chess Founder / Chief Scientist Fortify Software, an HP Company June 22, 2011.

Gray, the New Black Gray-Box Web Vulnerability Testing Brian Chess Founder / Chief Scientist Fortify Software, an HP Company June 22, 2011.
Attacking Session Management Juliette Lessing

Attacking Session Management Juliette Lessing
OWASP. To ensure that strong simple security controls are available to every developer in every environment ESAPI Mission.

OWASP. To ensure that strong simple security controls are available to every developer in every environment ESAPI Mission.
Information Warfare - 11 Introduction and Preparing for Attacks.

Information Warfare - 11 Introduction and Preparing for Attacks.
The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.

The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.
Barracuda Web Application Firewall

Barracuda Web Application Firewall
Application Security: What Does it Take to Build and Test a “Trusted” App? John Dickson, CISSP Denim Group.

Application Security: What Does it Take to Build and Test a “Trusted” App? John Dickson, CISSP Denim Group.
Information Warfare - 11 Introduction and Preparing for Attacks.

Information Warfare - 11 Introduction and Preparing for Attacks.
Security Issues Steve Lovaas, ACNS IAC, 22 April 2008 Colorado State University1.

Security Issues Steve Lovaas, ACNS IAC, 22 April 2008 Colorado State University1.
The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.

The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.
Varun Sharma Security Engineer | ACE Team | Microsoft Information Security

Varun Sharma Security Engineer | ACE Team | Microsoft Information Security
CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.

CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.
Capacity Development Workshop on Public Information Management System and Policy in Korea on cyber attacks 2011.11.28 Jeong Min, Lee KISA.

Capacity Development Workshop on Public Information Management System and Policy in Korea on cyber attacks Jeong Min, Lee KISA.
Introduction to Application Penetration Testing

Introduction to Application Penetration Testing
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Prevent Cross-Site Scripting (XSS) attack

Prevent Cross-Site Scripting (XSS) attack

Similar presentations

Ads by Google