Deception AI is an AI-aware security system designed to detect and disrupt autonomous AI-driven penetration testing and attack agents through behavioral analysis.
Instead of relying on signatures or known tool fingerprints, DeceptionAI focuses on how an attacker behaves.
As modern penetration testing and attacks are increasingly automated by AI agents, traditional WAF and IDS solutions struggle to keep up.
DeceptionAI addresses this problem by identifying AI-like decision patterns and
responding with adaptive defensive strategies.
Detection is based on behavior, not tools
The system analyzes request flow, timing, entropy, retry logic and endpoint traversal patterns to classify traffic as:
- Human-driven
- Automated AI agent
- Behavioral request analysis
- AI agent detection without signatures
- Parameter entropy inspection
- Timing and retry pattern detection
- Lightweight machine learning classification
- Autonomous response actions:
- Silent blocking
- Artificial delays
- Deceptive responses
- Node.js middleware integration
Client / AI Agent
DeceptionAI Middleware
Behavior Engine
Classifier
Response Engine
- Node.js
- Express / Fastify
- TensorFlow.js (lightweight ML)
- Redis (optional, for state tracking)
- Detection of AI-driven pentesting
- Protection against autonomous attack agents
- Research on AI vs AI cybersecurity defense
- Blue team and SOC environments
This project is an experimental resarch-focues implemention intended for defensive and educational purposes
DeceptionAI is designed for legal and ethical security research only It must be deployed in environments where testing and monitoring are authorized