Designing Proactive Cyber Deception Systems for Threat Mitigation in Digital Banking Networks
Keywords:
Cyber deception, proactive security, digital banking, threat mitigation, honeypots, adversarial defenseAbstract
Digital banking infrastructures face increasing threats from sophisticated cyber attackers who continuously exploit vulnerabilities for financial and data gains. Traditional reactive cybersecurity mechanisms are proving inadequate in this evolving threat landscape. This paper explores the integration of proactive cyber deception systems tailored for digital banking networks, focusing on dynamic threat engagement, early attack detection, and adversarial manipulation. Through the design of intelligent decoys, trap-based architectures, and misdirection strategies, the paper demonstrates how proactive deception can complement existing security frameworks. A review of literature, architectural models, implementation strategies, and empirical observations support the argument for adopting deception as a frontline defense in financial cyber ecosystems.
References
[1] Cheswick, B.: An evening with Berferd in which a cracker is lured, endured, and studied. Proc. of Winter USENIX Conf., 1992, vol. 6, pp. 163–174.
[2] Spitzner, L.: Honeypots: Catching the insider threat. Proceedings of the 19th Annual Computer Security Applications Conference, 2003, vol. 5, iss. 3, pp. 170–179.
[3] Cohen, F.: The use of deception techniques: Honeypots and decoys. Computer Security Journal, 1999, vol. 18, iss. 3, pp. 25–39.
[4] Bell, J., Whaley, B.: Cheating and Deception. Transaction Publishers, 1991, vol. 1, iss. 1, pp. 12–35.
[5] Almeshekah, M., Spafford, E.H.: Cyber security deception. Journal of Cyber Security and Information Systems, 2014, vol. 2, iss. 1, pp. 18–27.
[6] Bowen, B.M., Salem, M.B., Hershkop, S., Stolfo, S.J.: Designing host and network sensors to mitigate the insider threat. Journal of Digital Forensics, Security and Law, 2009, vol. 4, iss. 2, pp. 1–26.
[7] Gajula, S. (2024). Cybersecurity risk prediction using graph neural networks. Journal of Information Systems Engineering and Management, 9(4), 3301–3315. https://doi.org/10.52783/JISEM.V9I4S.13885
[8] Rowe, N.C.: A model of deception strategy in cyber-attacks. Proceedings of the 1st International Conference on Cyber Conflict, 2009, vol. 1, iss. 1, pp. 157–168.
[9] Carver, C.A., Hill, J.M., Surdu, J.R.: Deception techniques: Threat mitigation and practical applications. Proceedings of the 2004 IEEE Workshop on Information Assurance, 2004, vol. 1, iss. 1, pp. 27–33.
[10] Heberlein, L.T., et al.: A network security monitor. Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, 1990, vol. 1, iss. 1, pp. 296–304.
[11] Yuill, J., Denning, D., Feer, F.: Using deception to hide things from hackers: Processes, principles, and techniques. Journal of Information Warfare, 2006, vol. 5, iss. 3, pp. 26–40.
[12] Kim, G., Woo, J., Kim, S.: Deception-based defense: A taxonomy and survey. International Journal of Information Security, 2017, vol. 16, iss. 1, pp. 1–18.
[13] Gajula, S. (2024). Adaptive zero trust architecture for securing financial microservices. Computer Fraud & Security, 2024(12), 643–655. https://doi.org/10.52710/CFS.845
[14] Salem, M., Hershkop, S., Stolfo, S.: A survey of insider attack detection research. Proceedings of the Insider Attack and Cyber Security Workshop, 2008, vol. 1, iss. 1, pp. 69–90.
[15] Kijewski, P., et al.: The use of honeypots in computer security. ENISA Position Paper, 2007, vol. 1, iss. 1, pp. 1–34.
Posted
License
Copyright (c) 2025 Ravi Sankar Susarla (Author)
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
