Loading…
In-person
1-4 April 2025
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in British Summer Time (BST) (UTC +1). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis. 
← Back to schedule
🪧 Poster Session: Catch More Hackers With Koney: Automated Honeytokens for Cloud Native Apps - Mario Kahlhofer, Dynatrace & Matteo Golinelli, University of Trento
Wednesday April 2, 2025 13:30 - 14:30 BST
Level 1 | Hall Entrances S8 - S9, N8 - N9
Techniques to deceive hackers are not new. Placing honeytokens, such as a fake "passwords.txt" file in your container, wastes hackers' time and provides strong indicators of compromise when accessed. But do you set traps in your workloads? Probably not. Manually injecting a fleet of decoys into your applications and detecting access attempts to them isn't straightforward.

Kubernetes offers a great foundation into which we can easily integrate traps to detect hackers. This poster will introduce Koney, an operator that lets you define so-called deception policies for your clusters. Koney automates the setup, rotation, and teardown of honeytokens and fake API endpoints, and uses eBPF to detect, log, and forward alerts when your traps have been accessed.

Our poster will cover prior research on cyber deception, discuss why this concept is still rarely applied in practice, and how using cloud-native design patterns may finally accelerate the adoption of cyber deception.
Speakers
avatar for Mario Kahlhofer

Mario Kahlhofer

Senior Research Scientist, Dynatrace
Mario is passionate about Cyber Security and Data Science, and is currently researching methods to detect hackers in cloud-native environments. In his spare time, Mario enjoys running, mountain biking, and tinkering with electronics.
avatar for Matteo Golinelli

Matteo Golinelli

PhD Student, University of Trento
Matteo Golinelli is a PhD student in cybersecurity at the University of Trento, Italy. He is mainly interested in web and cloud security and is focused on web caches and complex interactions between HTTP entities.
Wednesday April 2, 2025 13:30 - 14:30 BST
Level 1 | Hall Entrances S8 - S9, N8 - N9
  🪧 Poster Sessions, Security
  • Content Experience Level Any

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link