avatar for Kevin Cardwell

Kevin Cardwell


No matter how much “security” is put in place, the reality is we are running our data on protocols that were developed many years ago when the Internet was small and as a result of this, these protocols are based on the principle of trust; therefore, to truly defend we need to modify these protocols. The concept is, if the protocols can be changed then the result of this will be frustration and confusion for the adversary. In this presentation advanced defensive concepts will be explored and the power of using deception at different layers of the network. The attacker depends on information that is gathered during their surveillance, and with deception we change the network at layer 2-4 and the result of this is the attacker’s collected data is no longer valid and useless for them, this requires the attacker to start the information gathering process over again. In a robust defensive solution, the network can change multiple times based on the classification of the threat, and each time it changes, the attacker is lost and has to start the recon process over again. These concepts change the game and put the defender in control!