Cyber Deception Architecture: Covert Attack Reconnaissance Using a Safe SDN Approach
Cyber Deception Architecture: Covert Attack Reconnaissance Using a Safe SDN Approach
dc.contributor.author | Shimanaka, Toru | |
dc.contributor.author | Masuoka, Ryusuke | |
dc.contributor.author | Hay, Brian | |
dc.date.accessioned | 2019-01-03T00:59:06Z | |
dc.date.available | 2019-01-03T00:59:06Z | |
dc.date.issued | 2019-01-08 | |
dc.description.abstract | Significant valuable information can be determined by observing attackers in action. These observations provide significant insight into the attacker’s TTPs and motivations. It is challenging to continue observations when attackers breach operational networks. This paper describes a deception network methodology that redirects traffic from the compromised Operational Network (O-Net) to an identically configured Deception Network (D-Net) minimizing any further compromise of operational data and assets, while also allowing the tactics, techniques, and procedures of the attacker to be studied. To keep the adversary oblivious to the transfer from the O-Net to the D-Net, we employ a sophisticated and unique packet rewriting technique using Software Defined Networking (SDN) technology that builds on two other strategies. This paper discusses the foundational strategies and introduces a new strategy that improves behavior for our described scenarios. We then provide some preliminary test results and suggest topics for further research. | |
dc.format.extent | 10 pages | |
dc.identifier.doi | 10.24251/HICSS.2019.876 | |
dc.identifier.isbn | 978-0-9981331-2-6 | |
dc.identifier.uri | http://hdl.handle.net/10125/60166 | |
dc.language.iso | eng | |
dc.relation.ispartof | Proceedings of the 52nd Hawaii International Conference on System Sciences | |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
dc.subject | Cybersecurity and Software Assurance | |
dc.subject | Software Technology | |
dc.subject | covert attack reconnaissance, cyber deception, honeypot, OpenFlow, software defined networking | |
dc.title | Cyber Deception Architecture: Covert Attack Reconnaissance Using a Safe SDN Approach | |
dc.type | Conference Paper | |
dc.type.dcmi | Text |
Files
Original bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- 0726.pdf
- Size:
- 1.2 MB
- Format:
- Adobe Portable Document Format
- Description: