Techniques for improving computer system security by detecting and responding to attacks on computer systems are described herein. A computer system monitors communications requests from external systems and, as a result of detecting one or more attacks on the computer system, the computer system responds to the attacks by analyzing the behavior of the attacker, relating that behavior to one or more attack profiles and creating a simulated environment to respond to the attack based in part on the attack profiles. The simulated environment responds to the attack by communicating with the attacker.