Traditional information security thinking has been focused on controlling and restricting the flow of information via a variety of technical and policy means. I argue that such an approach cannot meet its goals given (a) a ubiquitous and easy-to-connect-to network, the Internet; (b) many systems with large volumes of information from different domains (governmental, health, financial, personal, etc.) connected to said network; (c) parties that place value (monetary or otherwise) on this information. Under these conditions, it is perhaps not surprising that the slogan "Information wants to be free" is made true. I will discuss a more flexible approach to information security, focusing on the true goal of malicious adversaries: the information itself. Active, automated, large-scale deception offers great possibilities in identifying, tracking, confusing, and misdirecting adversaries in a number of environments and threat models. We will discuss the basic principles behind active deception, and its application in some interesting and technically difficult problem domains.
Angelos D. Keromytis is an Associate Professor of Computer Science and Director of the Network Security Lab at Columbia University. His research interests center on systems/network security and applied cryptography, with a current focus on self-healing systems, software hardening, information flow tracking, and cloud security. He received his Ph.D. in 2001 from the University of Pennsylvania, and his B.Sc. from the University of Crete in 1996, both in computer science. His current CV and list of publications can be found at: http://www.cs.columbia.edu/~angelos/cv.html