Mr.Rabbit

Former penetration tester, currently working to protect everyone’s peace of mind while also working on cybersecurity as a hobby. In the past, I have presented my own tools at various events. Recently, I have been studying military history and tactics as part of my hobby. I like alcohol, and the vulnerability of alcohol injection has not been fixed yet.

Ochoushimon (御調子門) -AZAZEL system- : Tactical Delaying Action via the Cyber-Scapegoat Gateway

Have you heard of the term “delaying action”? This is a defensive military action in which defensive forces continue to fight for as long as possible without being involved in a decisive battle that involves the risk of retreat, in order to delay the advance of the enemy. Modern cyber attacks are fast and automated, and the risk of attackers reaching assets in a short time is increasing. For this reason, it is necessary to adopt the concept of “delaying action” in cyber warfare as well.

We have developed the “Ochikomon -AZAZEL system-” that incorporates this concept. This system uses a technology called “scapegoat-type decoy”, and it achieves “delaying action” that was not possible with conventional honeypots. It is also built on the Raspberry Pi 5 platform using OSS, so it can be easily introduced anywhere, such as in a workplace lab environment, at home, at a VPN exit, or in a CTF training environment.

Through this talk, I hope that the audience will be exposed to the idea that “defending is about buying time”. I hope that they will try to actually implement tactical defenses that deliberately accept attacks and delay them, rather than just stopping them, and control the actions of the attackers. I also hope that they will think about applying deception and delay to their own environment and organization, and take the first step towards creative cyber defense.