A suite of cutting-edge cyber honeypot technology has been developed by Australian students, researchers and industry professionals. DecaaS (Deception as a Service) uses machine learning models to create highly realistic albeit fake versions of data and digital assets that are attractive to hackers.
The Head of Technology and Innovation in Applied AI at an Australia-based cyber technology company noted that the approach of using honey pots and cyber deception was developed to rapidly detect if people have broken into a system and intelligence about the intent, equipment and processes that adversaries are using is obtained.
The project’s lead researcher, Dr Kristen Moore of Australia’s national science agency, CSIRO, explained that the DecaaS project team has created models to generate fake content and traffic, including code repositories, email servers, Wi-Fi traffic and Wiki corpora, to create a convincing and appealing cyber honeypot. Hackers leverage AI (Artificial Intelligence) and deception, and are getting far with it, so cybersecurity professionals must do the same, Dr Moore said.
A collaboration between the Cyber Security Cooperative Research Centre, CSIRO’s Data61 and the Australian-based cyber company, DecaaS is in the process of commercialisation. Those involved noted that significant benefits were gained via the project’s unique working environment; students worked alongside the industry, leading to a wealth of knowledge transfer between both parties.
It was noted that oftentimes the industry leaves the problem or challenge with academic partners and only returns to check on progress or observe the results. However, the company took a far more engaged approach with DecaaS, working directly with students and researchers. The greater engagement resulted in more focused outcomes, directly applicable to the firm’s products and projects, as well as broader benefits in developing skills and capability in the ecosystem.
The CEO of the Cyber Security Cooperative Research Centre noted that it was fantastic to see the students and researchers solving hard problems. These are real-world threats with potentially devastating consequences, the team is solving research challenges that can impact how people use the firm’s new product and improve overall cyber posture, she added.
About the Deception as a Service Project
The Deception as a Service (DecaaS) project commenced in November 2019 alongside CSIRO’s industry partner. The project is supported by Cyber-Security CRC and aimed to apply cutting-edge machine learning and artificial intelligence to generate realistic computer systems and assets to deceive intruders who make their way into a system.
The industry partner is an Australian business that has developed AI tools that operate in this space, currently generating decoy documents, communications and Wi-Fi access points, amongst others. With the firm, this research sought to enable a wider range of deceptive assets, from fake users to web presence, and databases. As cyber threats increase in volume and sophistication, AI and machine learning offer an opportunity to assist overwhelmed human defenders and speed up decision-making and response. This is in addition to delivering more agile defences in a way that was not previously possible.
Deception Technology Market Projections
The global deception technology market was valued at US$ 1.34 billion in 2020 and is expected to grow to US$ 3.88 billion in 2028 at a CAGR of 14.4% during the 2021-2028 period. This is expected to be positively impacted during the COVID-19 pandemic. Research shows that the global market exhibited a substantial growth of 12.0% in 2020 compared to the average year-on-year growth during 2017-2019. The sudden rise in CAGR is attributable to this market’s growth and demand returning to pre-pandemic levels once the pandemic is over.