The exponential growth in digitalization and the demand for context-aware processing have led to a rise in Internet-connected services, thereby increasing the risk of cyber-attacks. Recent observations on the prevailing strategy of cyberattacks suggest the significance and high impact. The strategies employed by threat actors have matured to be more discrete, audacious, and impactful, targeting any form of digital entities ranging from human wearable devices to low earth orbit satellites. With such advancements, detecting such malicious entities is becoming increasingly challenging.

Defensive security solutions or tools are used to detect, track, and prevent security incidents. The data gathered from these tools and solutions are further analyzed to determine any targeted attacks or threats against the organization. This curated dataset can be helpful not only to the organization that collects and processes it and several other teams from other organizations to prepare their defenses.  Cyber Threat Intelligence is the process of identifying potential cyber threats by analyzing data from multiple sources and understanding the tactics, techniques, and procedures used by the adversary. Deception-based systems like honeypots are excellent data sources for threat intelligence data. Honeypots can gather new attack vectors and offer fewer false positives. However, deception-based systems must be carefully designed, implemented, and deployed to increase their purpose.

The main scientific contributions of the thesis include performing an empirical analysis of the state-of-the-art deception systems to identify their limitations and extend the findings by proposing techniques that undermine their feasibility. Following the results from the analysis, we propose methods to address these limitations and conduct studies that evaluate our proposed techniques by deriving key results and curated datasets.