Hydrakon, a Framework for Measuring Indicators of Deception in Emulated Monitoring Systems

Abstract: The current cybersecurity ecosystem is proving insufficient in today’s increasingly sophisticated cyber attacks. Malware authors and intruders have pursued innovative avenues to circumvent emulated monitoring systems (EMSs) such as honeypots, virtual machines, sandboxes and debuggers to continue with their malicious activities while remaining inconspicuous. Cybercriminals are improving their ability to detect EMS, by finding indicators of deception (IoDs) to expose their presence and avoid detection. It is pro… Show more