Cyber attacks and cyber intelligence are growing concerns in today’s
computer networks. The goal of our research project was to address this threat
and study generating deceptive fake services in a new way: by recording the
ordinary interaction between a client and a server and then deceiving the
adversary by playing back an altered, deceptive reply. We demonstrated the
feasibility of such fake service generator tool by creating a proof-of-concept
implementation that can create fake services for web environment. The objective
was to make the tool as protocol-independent as possible while still giving
convincing replies to the adversary. Our results indicate that although fake
service creation is a challenging topic, can still achieve very satisfactory
results with our proof-of-concept implementation. We therefore believe creating
deceptive services is a promising proactive method to lead the adversary astray
as he or she is attempting to get access to sensitive data.