Could you block hackers by letting them into your network or website?
It sounds crazy, but some believe it could work.
And it led researchers at the University of Texas to develop a new tool.
Deception as a cybersecurity tactic
According to Kevin Hamlen, a professor of computer science, this new defense method uses hackers "as a source of free labor."
And what does that mean?
For DEEP-Dig (DEcEPtion DIGging), the new tool developed by UT researchers, it means letting hackers in.
DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers. Researchers hope that the approach can be especially useful for defense organizations.
"There are criminals trying to attack our networks all the time, and normally we view that as a negative thing," said Dr. Kevin Hamlen, Eugene McDermott Professor of computer science. "Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They're providing us data about what malicious attacks look like. It's a free source of highly prized data."
Using decoy sites to fool hackers
DEEP-Dig doesn't let hackers into original sites.
Instead, it guides intruders into decoy sites where white hats can watch the black hats:
"Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics. But most cyberdefense programs try to disrupt intruders before anyone can monitor the intruders' techniques. DEEP-Dig will give researchers a window into hackers' methods as they enter a decoy site stocked with disinformation."
From there, the machine can learn and adapt to anything a hacker might throw at it. And this method is already being used by some organizations.
"We're using the data from hackers to train the machine to identify an attack," said Gbadebo Ayoade, now a data scientist at Procter & Gamble Co. "We're using deception to get better data."
Interested in DEEP-Dig? Check out more information from Science Daily.
