Make Attackers Cry: Outsmart them with deception (sponsored by Fastly), 12-page PDF
SEC326-S
2025 Fastly, Inc. 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Nudge (good) versus Sludge (bad)

We can harness sludge for good
We can impose friction on attackers to consume their resources and raise their costs.
We can influence their behavior and decision making with sludge.
We can make attackers cry.

What does it cost them?
Quantitative cost: opportunity cost (e.g. forgone alternatives); tools, development, infrastructure, credentials, talent.
Qualitative cost:
  Informational: reconnaissance, target knowledge, information overload.
  Reputational: criminal reputation, ability to recruit, customer churn.
  Psychological: frustration, shame, confusion, stress.

What is deception?
Deception has been implemented in many contexts over the course of history, especially in warfare.
It shares common traits with the natural world, like plants and animals that mimic the appearance of something dangerous.
It can be simple (running a duplicate application server) or complex (gaslighting an attacker so they have no idea what is real and what is fake).
Deception is not playing dirty; it is leveraging the tactics of the enemy to support ethical goals.

Deception in Next-Gen WAF
Intercepts the suspicious login attempt from the attacker.
Swaps the attacker's password with a random value, guaranteeing the login will fail.
Forwards the modified request to the customer origin server.
Origin responds with the real Invalid Username/Password page, which is seamlessly passed back to the attacker.
Attacker is left thinking their credentials did not work, and is unaware they have been detected and tracked.

A more effective approach
Atta
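The password-swap flow from the "Deception in Next-Gen WAF" slide, as an added illustration that is not Fastly's code: a minimal proxy hop in front of a simulated origin, where a login already flagged as suspicious has its password replaced by a random value of the same length so the origin's own failure page is what goes back, while the attempt is recorded for tracking. The function names, the `suspicious` flag and the constructed credential store are assumptions.

```python
import secrets
from urllib.parse import parse_qsl, urlencode

# Constructed sample credential store standing in for the customer origin (assumption).
ORIGIN_USERS = {"alice": "correct horse battery staple"}


def origin_login(body: str) -> tuple[int, str]:
    """Simulated origin: validates a form-encoded login against ORIGIN_USERS."""
    form = dict(parse_qsl(body))
    if ORIGIN_USERS.get(form.get("username", "")) == form.get("password"):
        return 200, "Welcome back"
    # This is the origin's genuine failure page; the proxy relays it unchanged.
    return 401, "Invalid Username/Password"


def swap_password(body: str, field: str = "password") -> str:
    """Replace the password field with a random value of the same length.
    Same length keeps Content-Length and any origin-side length checks intact."""
    pairs = []
    for key, value in parse_qsl(body, keep_blank_values=True):
        if key == field:
            value = secrets.token_urlsafe(len(value))[:len(value)] or "x"
        pairs.append((key, value))
    return urlencode(pairs)


def deceptive_proxy(body: str, client_ip: str, suspicious: bool, tracked: list) -> tuple[int, str]:
    """WAF-style hop: benign logins are forwarded untouched; a suspicious login
    is logged for tracking, its password is swapped so it is guaranteed to fail,
    and the origin's real response is passed straight back to the client."""
    if suspicious:
        tracked.append({"ip": client_ip, "username": dict(parse_qsl(body)).get("username")})
        body = swap_password(body)
    return origin_login(body)
```

The `suspicious` decision (rate, reputation, credential-stuffing signals) is left to the WAF's detection logic; this hop only shows what happens once that decision is made.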