Security lessons from Nature – Eyespots
Now, butterflies aren’t generally considered to be terrifying. Nor, unless you were chased by one as a small child, are peacocks. And, though five of the six ends of a tiger are pointy, the tail is also generally viewed to be fairly innocuous.
Interestingly, all of these generally harmless examples protect themselves through the use of eye spots. Butterflies often have them on their wings, so when they are fully unfolded, they resemble a face. Peacocks have them all over their tails, so when they are fully spread out, they resemble the eyes of many creatures. The white spots on the back of a tiger’s ears resemble eyes as well.
The theory in all of these cases is that an attacker will think they are being observed and halt an attack. It may only cause a brief pause, but that might be just enough for the eyespotted animal to get away.
The security lesson here is twofold.
First of all, it’s a generally good idea to let an attacker think you’re paying closer attention to them than you are. That way the attacker is more likely to move on to a victim that would be a little bit easier to take on. Perhaps one that is paying a bit less attention. Practically, the technique only works when it takes fewer resources to mount a pseudo-defense than it does to to mount an actual one. This is one of the reasons that fake surveillance cameras are popular. If there are 10 cameras in a place, it’s a lot cheaper for 8 of them to be fake, so long as an attacker doesn’t know which ones are which. It would not make sense to create a fake IDS system that detects security incidents and fakes a response, as it would take just as much work to fake a response as it would to make a real one.
The second lesson is that you have to pay some attention. After all, attackers aren’t stupid. If they figure out that the butterfly with the weird eyes isn’t really watching, the butterfly will be lunch if it doesn’t fly away soon. A distraction technique, be they eyespots or fake cameras are only good so long as the real eyes and real cameras are being used.
How you can you fake out your attackers?