Pretend to be a honeypot to deter malware

Someone's gone forward with an idea I kicked around a few years ago.  Nice.

Anti-Honeypot – Repelling Attackers Using Fake Indicators

https://securityboulevard.com/2017/09/anti-honeypot-repelling-attackers-using-fake-indicators/

Still a hot topic after all these years

Maybe this will be the year of Deception as a cyber-defense?

F5 Labs - Will Deception as a Defense Become Mainstream?

Some ideas I've mentioned before are in this article.. mostly because not much has changed.

Interesting idea - Using AWS Access Keys for deception

Nice post on  Early Warning Detectors Using AWS Access Keys as Honeytokens

 

Folks continue to get creative about deceptive tricks against attackers.

 

Paper on fooling malware that they're not in a sandbox

Very interesting paper

From Patches to Honey-Patches: Lightweight Attacker Misdirection, Deception, and Disinformation


My first take is that if malware is becoming virtual sandbox aware, can we fake visualization on our physical hosts so the malware goes away?

Dallas News: Cybersecurity experts say traps might be more effective against hackers than firewalls

http://www.dallasnews.com/news/local-news/20150210-cybersecurity-experts-say-traps-might-be-more-effective-against-hackers-than-firewalls.ece

Bankers using honey data to smoke out fraudsters

From The Economist: Hacking back, Bankers go undercover to catch bad guys

Honeywords: Making Password-Cracking Detectable

http://people.csail.mit.edu/rivest/pubs.html#JR13