IARPA wants cybersecurity software for ‘deception’

"The Last Thing You See" - Photo by Joey Gannon, CC 2.0

In warfare — both physical and cyber-based — the act of deception can be at times more useful than an outright attack. Or at least that’s what the Intelligence Advanced Research Projects Activity is thinking, based on a call that its contracting officers put out this week.

IARPA may soon be in the market for a piece of cybersecurity technology that uses “denial and deception,” or D&D, to protect Federal data assets, according to a recent request for information. This technology is expected to confuse and otherwise deceive a would-be hacker before a breach can occur.

The RFI published by the agency earlier this week titled “Deception for Cyber Defense Research” notes that while this nascent technology is available in the private sector it requires additional research to become effective at scale.

Responses to the RFI are due on July 1.


“Adapting D&D to support the engagement of cyber adversaries is a concept that has been gaining momentum, although, the current state of research and practice is still immature: many techniques lack rigorous experimental measures of effectiveness, information is insufficient to determine how defensive deception changes attacker behavior or how deception increases the likeliness of early detection of a cyber attack,” the RFI reads.

More specifically, the RFI hopes to answer a series of current questions surrounding the technology, including: what are the existing products, who are the available vendors, what are the metrics by which to judge this technology’s effectiveness and which techniques are most effective.

Dependent on the volume and quality of responses, the RFI states, IARPA may ultimately hold a one-day workshop on deception tactics — which could potentially lead to investments at a later date.

To contact the reporter on this story you can send him an email via or follow him on Twitter at @Bing_Chris. Subscribe to the Daily Scoop to get all the federal IT news you need in your inbox every morning at

Chris Bing

Written by Chris Bing

Christopher J. Bing is a cybersecurity reporter for CyberScoop. He has written about security, technology and policy for the American City Business Journals, DC Inno, International Policy Digest and The Daily Caller. Chris became interested in journalism as a result of growing up in Venezuela and watching the country shift from a democracy to a dictatorship between 1991 and 2009. Chris is an alumnus of St. Marys College of Maryland, a small liberal arts school based in Southern Maryland. He's a fan of Premier League football, authentic Laotian food and his dog, Sam.

Latest Podcasts