gHOST IN THE sHELL
Attackers are lured into thinking they got access to an unsupervised server, while they breached into a controlled environment (what is known as a honeypot).
Millions of botnets scan the Internet 24/7, looking for insecure connected devices.
Exposed points of entry are bombarded with connections and login attempts, until a valid password or an exploitable bug is found.
Through the breach, the Attacker connects to the server and begins probing around for clues that will lead to valuable informations about the host; the only way Attackers can feel the place around them is via text commands sent via the shell interface.
Sample interface of the website
The interactions that Attackers have with the host will be published on a website for Visitors, similar to an aquarium or ant farm.
Live data gathered from the attacks will include:
- Attacker IP
- Attacker (perceived) location
- Log of all attempted attacks
- Informations the Attacker has been tricked into providing
This data will then be stored digitally and processed to:
- Create algorithmic background music
- Update and animate graphs, widgets and informations on the website
- Update profiles about the Attackers
- Instaurate a direct text-based connection with Attackers
Interaction with the Attacker
By connecting and relying on text feedback to understand the environment, the Attacker opened up to interact by the Host.
The Attackers' perception of reality depends on written information that the Host provides, and can thus be shaped.
We can for example present them with a novelty system instead of what they would traditionally find on a server (for example a text-based interactive platform, adventure game, digital art, etc.)
The connection created by the Attacker also allows us to counteract, for example by showing them information designed to provide an emotional response (e.g. Roko's basilisk, fake police or government response to the cyberattack, etc.), effectively installing malware in their brains.
The content the Attackers will see first-hand on the server is effectively available only to those who can break into the Host, either produced by the Host or Attackers themselves. Art you have access to only if you have the technical abilities required.
It is possible to expand the experience further by attaching the honeypot to microcontrollers, so that intruders can interact with the physical environment:
- Speakers playing audio messages left by Attackers, generated via text-to-speech software
- Attackers could be presented with video or photos taken live from the room where the installation is hosted, or webcam feed from Visitors on the website
- Attackers can manouver servo motors and operate machinery
- Attackers can interact with displays (LCD or LED screens) hung on walls
- Attackers can interact with lights in the environment
- Attackers can interact with Visitors via text terminals chats on the website or in live terminals in the room where the installation is placed
- Actors and Visitors can interact with attackers using physichal expression, translated to text via sensor and sent to the Attackers
I'd like to create a immersive experience for Attackers and have them become the core of the performance.
The Attacker will be lead through a text-based interactive narrative that explores the theme of identity, anonymity, choices, and their real life consequences.
What I would consider the most favourable outcome is having led an Internet entity (by nature anonymous, ethereal, not responsible) to produce a reaction in the physical environment (which is the realm of identity, presence, reality).
What I'd like to achieve with this project is multi-layered, in order of achievability:
- Multimedia art completely generated by interactions of malevolent actors
- Lure the attacker to complete a text-based adventure and peruse digital art, a private exposition only for those who can penetrate through the walled garden.
- Have an Attacker on an exposed internet-connected Host interact with the physical world
The honeypot concept can also be expanded in the physical realm: Visitors will assume that what happens in the room is controlled by anonymous Attackers from the Internet, while this is just a rappresentation to lure them into believing this to be true. In this case the Host would then have successfully created an IRL honeypot.