Cyber Deception

Course Group: 
Cyber Security
Course Outline: 

This 5-day course will provide students with hands-on experience of how to build, deploy and configure various cyber deception tools and technologies to protect computer networks and digital data. Students will use a combination of open source software, scripts and direct operating system configurations to create confusion, bait and trap intruders and unauthorised insiders.

Who Should Attend

Course Outline

Presenter Information

Dates & Registration

Duration: 5 days

Delivery Mode: Cyber Range


Advertised: Canberra, Melbourne & Sydney

In-house: Please contact the Professional Education Course Unit for more information. Recommended for groups of 10 or more.

What you will receive

  • Comprehensive set of course notes
  • UNSW Canberra certificate of attendance
  • Morning tea, lunch and afternoon te­­­a


This course is extremely valuable for managers and professional cyber security engineers. The need for awareness of cyber deception is growing. Gartner has identified cyber deception as one of the top 10 technologies for cyber defence and expect that many large businesses will be employing these technologies. Moving forward, managers and professionals will need to be aware of how to best utilise these solutions.

The course has been designed for people with a beginner and intermediate level of technical IT skill and experience. The majority of the course content is hands on activities. Students will configure and build cyber deceptions. Many of these will be using command line. The course will walk students through the basics of how to undertake each activity and provide them the means to complete the exercises. No academic or technical knowledge is assumed but the course can be challenging, in places if users are not familiar with basic IT and cyber security principles and tools.




1. Introduction to Cyber Deception  

2. Navigating the exercise material

3. Steganography


1. Hidden Partitions

2. Port obfuscation

2. Covert network tunnels


1. Sinkholes and tarpits

2. SSH honeypots

3. Industrial control system honeypots

4. Honeytokens and honeyfiles

5. Fake web pages, tables and user activity


1. Detecting honeypots and honeytokens

2. Customising honeypots

3. Applying machine learning to the problem


1. Planning deceptions

2. Mass deployment and management of honeypots

3. Integrating into other security systems




Ben Whitham is a cyber security entrepreneur and engineer. After a career in the military, Ben worked as a consultant in a number of Australian government and commercial cyber incident response teams. He co-founded several companies, including M5 Network Security, where he was co-creator of the Secure Communications Solution, a product that was a finalist in the 2011 SC Magazine Mobile Security Product of the Year and winner of the Australian Museum Eureka Award for Outstanding Science in Safeguarding Australia. Now with his new ventures, Penten and, he continues to consult and design security solutions, primarily in areas associated with cyber deception.


No dates? Or unable to attend dates shown? Submit an Expression of Interest below to be notified of upcoming courses.



17 June 2019 - 21 June 2019