About Our Group
In everyday security, deception plays a prominent role in our physical world security. We leave lights on to deter thieves by deceiving them to think someone is inside. We may further put up signs that warn “Beware of the Dog” to cast doubt on the nature of our defenses. Inside, we may place our valuables in a safe, but hide the safe behind a painting.
Over history, deception has evolved to find its natural place in our societies and eventually our technical systems. Deception and decoy-based mechanisms have been used in cyber security for more than two decades in techniques such as honeypots and obfuscation.
Our group is investigating how deception can be used to improve the security of computers and networks. This site provides a summary and reference of the work we have done with links to more in-depth information.
- Jeff Avery successfully defended his thesis, and became Dr. Avery on August 5th. He took a position at Northrop Grumman
- Spaf was interviewed at RSA about deception. Check out the video!
- Our paper entitled Ghost Patches: Faux Patches for Faux Vulnerabilities was presented at the IFIP SEC 17 conference. (Link for the paper coming soon.)
- Our paper entitled Offensive Deception in Computing was presented at the ICCWS 17 conference.
- Our paper Inhibiting and Detecting Offline Password Cracking Using ErsatzPasswords was published in ACM Transactions on Privacy and Security (TOPS), v19(3), Dec 2016, DOI 10.1145/2996457.
- A new book on cyber deception includes a chapter on our work. See the Papers and Presentations page for details.
- Our paper on ersatz passwords was presented at the ACSAC 15 conference.
Update! This paper won the conference best paper award!
- Mohammed Almeshekah has completed his PhD and left Purdue to take a faculty position at King Saud University. His PhD dissertation, Using Deception to Enhance Security: A Taxonomy, Model, and Novel Uses, is available online in the CERIAS library.
- We have received an NSF grant to support portions of our work! See the Acknowledgements page for specifics.