Conventional cyber security measures, including cryptography, logging and monitoring, intrusion prevention, and access control, have shown their limitations in preventing sophisticated and unknown security attacks. In response, active defense and cyber deception were proposed as a game changer in security, making it possible to anticipate and disrupt attacks, confuse attackers, increase their required effort, and gather threat intelligence. In this presentation we provide an overview of the recent advances in active defense and cyber deception techniques and strategies, showing how to build an active defense posture in enterprise networks while relying on techniques such as moving target defense, white worms’ propagation, and honeytokens deployment. The presentation ends with a discussion on open issues and challenges.
Slim Rekhis received the University Habilitation and the Ph.D. degrees in Information and Communication Technologies from the Ecole Supérieure des Telecommunications de Tunis (SUP’COM), University of Carthage, Tunisia, in 2013 and 2007, respectively. He is currently a Professor in Telecommunications and the Director of the Communication Networks and Security (CNAS) Research Laboratory at SUP’COM. His current research interests include cyber security and defense, digital investigation of cyber security incidents, formal security modeling and validation, security of Implantable Medical Devices, cloud computing, intrusion prevention and detection, Internet of Things, Internet of Vehicles, networking protocols and services, and wireless security.