Skip to main content Skip to main navigation


Deep Down the Rabbit Hole: On References in Networks of Decoy Elements

Daniel Reti; Daniel Fraunholz; Daniel Schneider; Janis Zemitis; Hans Dieter Schotten
In: 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). International Conference on Cyber Security and Protection of Digital Services (Cyber Security-2020), June 15-17, Online, Ireland, ISBN 978-1-7281-6429-8, Institute of Electrical and Electronics Engineers (IEEE), 2020.


Deception technology has proven to be a sound approach against threats to information systems. Aside from well-established honeypots, decoy elements, also known as honeytokens, are an excellent method to address various types of threats. Decoy elements are causing distraction and uncertainty to an attacker and help detecting malicious activity. Deception is meant to be complementing firewalls and intrusion detection systems. Particularly insider threats may be mitigated with deception methods. While current approaches consider the use of multiple decoy elements as well as context-sensitivity, they do not sufficiently describe a relationship between individual elements. In this work, inter-referencing decoy elements are introduced as a plausible extension to existing deception frameworks, leading attackers along a path of decoy elements. A theoretical foundation is introduced, as well as a stochastic model and a reference implementation. It was found that the proposed system is suitable to enhance current decoy frameworks by adding a further dimension of inter-connectivity and therefore improve intrusion detection and prevention.


Weitere Links