Computer networks may never float like a butterfly, but Penn State information scientists suggest that creating nimble networks that can sense jabs from hackers could help deflect the stinging blows of those attacks.
“Because of the static nature of a computer network, the attacker has a time advantage,” said Dinghao Wu, assistant professor of information sciences and technology. “Hackers can spend a month, two months, six months or more just studying the network and finding vulnerabilities. When they return to use that information to attack, the network typically has not changed and those vulnerabilities are still there, too.”
The researchers, who release their findings at the Information Security Conference held in Honolulu today (Sept. 8), created a computer defense system that senses possible malicious probes of the network and then redirects that attack to a virtual network that offers little information about the real network.
Typically, the first step a hacker takes when attacking a network is a probe to gain information about the system — for example, what software types and versions, operating systems and hardware the network is running. Instead of trying to stop these hackers’ scans, researchers set up a detector to monitor incoming web traffic to determine when hackers are scanning the network.
“We can’t realistically stop all scanning activities, but we can usually tell when a malicious scan is happening,” said Wu. “If it’s a large-scale scan, it is usually malicious.”
Once a malicious scan is detected, the researchers use a network device — called a reflector — to redirect that traffic to a decoy, or shadow network, according to Li Wang, a doctoral candidate in information sciences and technology, who worked with Wu. The shadow network is isolated and invisible from the real network, but can mimic the structure of a physical network to fool the hackers into believing they are receiving information about an actual network.
“A typical strategy would be to create a shadow network environment that has the same look as the protection domain,” said Wang. “It can have the same number of nodes, network topology and configurations to fool the hacker. These shadow networks can be created to simulate complex network structures.”
The system, which is a type of defense known in the computer industry as a moving target defense, also gives network administrators the option to more easily change parts of the shadow network’s virtual system, making it even more difficult for hackers to assess the success of their scans.
Because the reflector can act as a regular network device when no malicious attacks are present, there should be little effect on the real network’s performance and functionality, according to Wu.
The researchers created a prototype for the system and tested it on a simulated network that runs on a computer — a virtual local area network. This allowed them to simulate both the attack and defense without using an actual network. The prototype was able to sense the incoming scan and deflect it to a shadow network.
According to the researchers, the information that was gathered from the attack scan only produced information from the shadow network.
Wu said the next step is to deploy the system in an actual network.
The Latest on: Moving target defense
via Google News
The Latest on: Moving target defense
- AEW Rankings: The NWA champ is moving up the chartson November 25, 2020 at 8:50 am
Let’s check out the movers and shakers. Men: The men’s top 5 remains the same. Jon Moxley is scheduled to put his strap on the line against Kenny Omega on December 2, but Mox was pummeled to a ...
- Patriots’ Pass Defense Is Biggest Disappointment In Disappointing Seasonon November 25, 2020 at 5:03 am
The Patriots' pass defense -- it's secondary, specifically -- was expected to be New England's constant in a season of turmoil.
- Fantasy Football Week 12: Michael Pittman Jr. and Other Top Waiver-Wire Targetson November 24, 2020 at 6:01 am
Only six weeks remain in the 2020 NFL regular season. While there's still a lot of football left to be played, the fantasy football postseason is right around the ...
- Week 12 Fantasy Defense Rankings: Sleepers, busts, waiver-wire D/ST streamers to targeton November 23, 2020 at 1:24 am
There are a lot of intriguing matchups in our Week 12 fantasy defense rankings. Find out which potential D/ST sleepers and waiver wire pickups you can trust, and which normal starting units you should ...
- Moving around defense doesn’t faze Steelers’ versatile Suttonon November 18, 2020 at 8:30 pm
So why is Cameron Sutton viewed as being so valuable to the Pittsburgh Steelers defense? Perhaps because ... to just be a stationary guy. I’m a moving target. I’m not going to just let you ...
- Acting defense secretary assures end of ‘generational’ Mideast wars in announcement of partial drawdownon November 17, 2020 at 11:26 am
Acting Defense Secretary Chris Miller announced on Tuesday that the U.S. will draw down its troop levels to 2,500 in both Iraq and Afghanistan in the new year, confirming rumors that have circulated ...
- Chinese Ballistic Missiles Fired Into South China Sea Claimed to Hit Target Shipon November 17, 2020 at 4:56 am
A news report claims that the August ASBM tests successfully hit a moving vessel and did not just fall into the sea.
- The US Navy is moving to put more ship-killer missiles on submarineson November 16, 2020 at 7:04 pm
The U.S. Navy is pushing ahead with fielding more anti-ship cruise missiles on submarines in the Pacific, the head of U.S. Navy Submarine Forces said Monday. As the U.S. fleet grapples with the rising ...
- Chinese Long-Range Ballistic Missiles Struck Moving Ship In South China Sea: Reporton November 16, 2020 at 2:32 pm
The test could represent the first full demonstration of a real Chinese long-range anti-ship ballistic missile capability.
via Bing News