About Traps and Deceptive Measures
Traps and deceptive measures are measures that appear to be real systems, services, environments, and so forth, but they’re not. Deceptive measures are designed to cause people who attack and misuse systems and networks to obtain false information or to interact with virtual or other nonreal environments in which they can do little, if any, harm. A “trap” is designed to keep an attacker in one place (that is, one system or one application and so forth) so that the behavior and actions of the attacker can be recorded and analyzed, possibly (but not necessarily) for the purpose of use as evidence in a court of law. Deceptive measures are thus broader in scope; traps are one of several types of deceptive measures. ...
Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
