It’s possible to get some, but not all, security through obscurity.
Gene Spafford challenges the notion many security people have that there’s no security through obscurity. “Being deceptive can frustrate attackers, but it’s not a perfect defense all by itself,” said Spafford, Professor and Director Emeritus at Purdue University in our conversation at the 2017 RSA Conference in San Francisco.
Watch the full video interview with Gene Spafford here:
VIDEO: Gene Spafford Interviewed at RSA 2017
Spafford is a 30+ year veteran in security, and has worked with notable students Dan Farmer (COPS) and Gene Kim (Tripwire). He also helped found The Center for Education and Research in Information Assurance and Security (CERIAS), the world’s largest multi-disciplinary academic research center in security and privacy.
About 20 years ago, with his security team at Purdue, Spafford started what he terms “deception work.” He has recently revisited his effort working on endpoint deception techniques, such as deceptive memory to defeat anti-forensic measures, and deceptive patching to defeat reverse engineering of patches to find vulnerabilities. This is different than the network deception currently being produced by companies.
“They’re not necessarily decreasing the attacks,” admitted Spafford. “But they are putting up the workload of attackers and increasing some of the potential to identify that an attack is underway.”
Spafford is trying to rejigger everyone’s notion about this old maxim that an element of, not all, security can be had through obscurity. “You can get additional security through obscurity or through deception. But it shouldn’t be your primary form of security,” warns Spafford.
ABOUT GENE SPAFFORD
Eugene Howard Spafford is one of the senior, most recognized leaders in the field of computing and security, with an ongoing record of accomplishment as an advisor and consultant on issues concerning intelligence, cybercrime, and education. A historically significant Internet figure, he is renowned for first analyzing the Morris Worm, one of the earliest computer worms, and for his role in the Usenet backbone cabal. Spafford was a member of the President's Information Technology Advisory Committee 2003-2005, has been an advisor to the National Science Foundation (NSF), and serves as an advisor to over a dozen other government agencies and major corporations. He is a Fellow of the ACM, the AAAS, the IEEE, the ISC2, and is a Distinguished Fellow of the ISSA. He is currently Professor of Computer Science at Purdue University.