Abstract
Traditional approaches to cyber defense lack the agility to effectively counter stealthy and undetectable attacks, placing defenders at a disadvantage. In response to this imbalance, Active Cyber Deception (ACD) has emerged as a promising solution by dynamically orchestrating deceptive environments to mislead and disrupt attackers' decision-making processes. However, developing efficient and effective deception systems requires integrating human intelligence with comprehensive malware analysis in order to understand attack behaviors and automate deception strategies.

This dissertation presents three innovative approaches in the field of ACD. Firstly, DodgeTron combines dynamic analysis using symbolic execution tools with machine learning to automate the creation of deception schemes against malware. It achieves this by categorizing malware into known families and employing HoneyThings. Secondly, symbSODA performs dynamic analysis on real-world malware and conducts data flow analysis to extract malicious sub-graphs (MSGs). These MSGs are then mapped to the MITRE ATT&CK framework using Natural Language Processing, enabling the creation of a Deception Playbook for deceiving specific malicious behaviors through deceptive API hooks. Finally, ranDecepter integrates active cyber deception to identify ransomware in its early stages and uses binary reset (orchestration) methods to repurpose the malware so that it exhaustively transmits encryption information (including keys) to the attacker, thereby effectively depleting the attacker's available resources.

Comprehensive evaluations validate the accuracy and effectiveness of these approaches in deceiving adversaries, reducing analysis time, and mitigating malware threats. This research significantly contributes to the field of active cyber deception and offers efficient and scalable solutions for safeguarding digital systems against sophisticated attacks.