Researchers at the University of Texas have found a way to bamboozle malicious hackers into giving away their secrets.
The DEEP-Dig (DEcEPtion DIGging) method tricks hackers onto a decoy site set up to record whatever sneaky tactics are thrown at it. This information is then fed into a computer, where it is analyzed to produce clues on how to identify and fend off future hacking attacks.
University of Texas at Dallas computer scientists presented papers on their wily new work at the annual Computer Security Applications Conference in December in Puerto Rico and at the Hawaii International Conference of System Sciences.
Furtively obtaining information from hackers that can later be used against them is a rapidly growing cybersecurity field known as deception technology. This cunning approach encourages those working in cybersecurity to view cyber-attacks in a whole new light.
“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing,” said Dr Kevin Hamlen, Eugene McDermott Professor of Computer Science.
“Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data.”
Privacy restrictions can make it difficult for researchers to obtain sufficient data on attackers' tactics to create effective defense strategies. DEEP-Dig functions like a spy in the attacking camp, gathering up valuable real-time information on how hackers strike.
Dr. Gbadebo Ayoade, who presented the scientists' findings in Puerto Rico and Hawaii, said that having more data will make it easier to detect when an attack is under way.
“We’re using the data from hackers to train the machine to identify an attack,” said Ayoade. “We’re using deception to get better data.”
Dr Latifur Khan, professor of computer science at UT Dallas, said "attackers will feel they're successful" when they encounter the decoy site stocked with disinformation.
Mirroring the cyber-criminal’s domain-spoofing technique and using it against them to gain a window into their activity might appear like poetic justice; to Khan, it's simply another roll of the dice.
Describing the ongoing online battle between the lawless and the law-abiding, Khan said: "It's an endless game."