Gajendra Deshpande - Deceptive Security using Python

Python Security

Discover how to use Python to create deception in security, featuring Gajendra Deshpande's talk on intentional deception, algorithms, custom error messages, neural networks, honeypots, and more.

Key takeaways

Three tiers of intention to fall further trap:
- May nominate intentionally create a careless and lazy habit.
- Come early and often to meet and greet.
- Explain that’s a very important and very smart way.
Intentionally fall further trap:
- The frequency of characters is below the threshold.
- The value set for that character corresponds to the count of and similar terms.
Algorithm and its description:
- The diagram shows how deception works.
- There are two users, benign and malicious.
Custom error message:
- Designed to avoid providing system information.
- Can be any trie user.
Neural networks:
- Modularity in neural networks helps achieve improved performance.
- Count-based validation approaches filter malicious inputs.
Honeypots:
- Introduced in 1998.
- Helps protect critical data.
XML and XPath injection attacks:
- Can be performed on XML documents.
- Often unstable with respect to single neural network.
Convergence:
- Neural networks are not applied to detect XPath injection attacks.
- Count-based validation approaches filter malicious inputs.
Passive deception:
- Incomplete information will be provided.
Active deception:
- Inaccurate information will be provided.
Deception technology:
- Realized the potential of deception.
- Decreased rate of false positives and false negatives.
Challenges:
- Keeping pace with technological advancements.
- Protecting sensitive information.
- Identifying and classifying typical behaviors.
Using Python for deception:
- PyBrain is a modular machine learning library.
- Bottle is a fast, simple, and lightweight microwave framework.
- Security can be improved through deception.
- Honeypots help protect critical data.

Gajendra Deshpande - Deceptive Security using Python

More talks