Mayalok: A Cyber-Deception Hardware Using Runtime Instruction Infusion

Rapid rise in malware attacks has added significant costs to cyber operations. As adversaries evolve, there is a growing need for fast, targeted defenses that effectively guard computer systems against these cyber-attacks. Cyber-deception is an increasingly adopted defense strategy with its ability to continually engage with adversaries and deploy counter-measures proactively by manipulating the malware program execution flow to non-useful states for the attacker. This paper introduces Mayalok, a novel hardware-based cyber-deception framework to combat malware through runtime instruction infusion. Mayalok employs hardware deception primitives to transparently insert or skip malware program instructions during runtime and deliver the attackers a deceptive view of the system state. We evaluate and demonstrate the deception efficacy of the Mayalok framework on malware samples representing various attack vectors: Ransomware, InfoStealers, Buffer overflow, and Side-channels.