Deception platform - its functionality criteria, strengths and weaknesses, trends
Abstract
Deception platform - its functionality criteria, strengths and weaknesses, trends
Incoming article date: 08.05.2025The purpose of the article is to review the criteria that affect the functionality of the platform to deceive attackers, to identify the strengths and weaknesses of the technology, to consider current trends and areas for further research. The method of study is analysis of existing articles in peer-reviewed Russian and foreign sources, aggregation of research, and formation of conclusions based on the analyzed sources. The article discusses basic and situational metrics to consider when selecting and evaluating a trap - cost of implementation, design complexity, risk of compromise, data collected, strength of deception, available connections, false positive rate, attack attribution, attack complexity, time to compromise, diversity of interactions, early warning, effectiveness of attack repellency, impact on attacker behavior, threats detected by the trap, resilience. A breakdown of the strengths and weaknesses of Deception technology, which are worth paying attention to when using it. Deception platform development trends are reviewed, as well as areas of research in which the platform is under-researched.
Keywords: false target infrastructure, deception platform, honeypot, honeytoken, honeynet