Computer networks may never float like a butterfly, but Penn State information scientists suggest that creating nimble networks that can sense jabs from hackers could help deflect the stinging blows of those attacks.
“Because of the static nature of a computer network, the attacker has a time advantage,” said Dinghao Wu, assistant professor of information sciences and technology. “Hackers can spend a month, two months, six months or more just studying the network and finding vulnerabilities. When they return to use that information to attack, the network typically has not changed and those vulnerabilities are still there, too.”
The researchers, who release their findings at the Information Security Conference held in Honolulu today (Sept. 8), created a computer defense system that senses possible malicious probes of the network and then redirects that attack to a virtual network that offers little information about the real network.
Typically, the first step a hacker takes when attacking a network is a probe to gain information about the system — for example, what software types and versions, operating systems and hardware the network is running. Instead of trying to stop these hackers’ scans, researchers set up a detector to monitor incoming web traffic to determine when hackers are scanning the network.
“We can’t realistically stop all scanning activities, but we can usually tell when a malicious scan is happening,” said Wu. “If it’s a large-scale scan, it is usually malicious.”
Once a malicious scan is detected, the researchers use a network device — called a reflector — to redirect that traffic to a decoy, or shadow network, according to Li Wang, a doctoral candidate in information sciences and technology, who worked with Wu. The shadow network is isolated and invisible from the real network, but can mimic the structure of a physical network to fool the hackers into believing they are receiving information about an actual network.
“A typical strategy would be to create a shadow network environment that has the same look as the protection domain,” said Wang. “It can have the same number of nodes, network topology and configurations to fool the hacker. These shadow networks can be created to simulate complex network structures.”
The system, which is a type of defense known in the computer industry as a moving target defense, also gives network administrators the option to more easily change parts of the shadow network’s virtual system, making it even more difficult for hackers to assess the success of their scans.
Because the reflector can act as a regular network device when no malicious attacks are present, there should be little effect on the real network’s performance and functionality, according to Wu.
The researchers created a prototype for the system and tested it on a simulated network that runs on a computer — a virtual local area network. This allowed them to simulate both the attack and defense without using an actual network. The prototype was able to sense the incoming scan and deflect it to a shadow network.
According to the researchers, the information that was gathered from the attack scan only produced information from the shadow network.
Wu said the next step is to deploy the system in an actual network.
The Latest on: Moving target defense
via Google News
The Latest on: Moving target defense
- Anthony Rendon’s return allowed Angels to reset their defenseon April 30, 2021 at 8:56 pm
Through Thursday, the Angels were 30th in MLB in defensive efficiency – converting balls in play into outs – and limiting opponents’ batting average on balls in play.
- Defense takes center stage for St. Mary’s lacrosse at Gilman in Friday’s 7-6 winon April 30, 2021 at 8:07 pm
With its lead down to a goal and still a man down in the closing two minutes at Gilman, the St. Mary’s lacrosse team did what it has for much of the season Friday — keep together and enjoy the ...
- Thales FZ90 2.75 inch FFAR rocket motor qualified with Arnold Defense launcherson April 29, 2021 at 5:26 am
Arnold Defense, in association with Thales, has received formal certification to fire the Thales FZ90 70 mm/2.75 inch unguided Folding Fin Aircraft Rocket (FFAR) ...
- Department of Defense grants gelp CU Cancer Center researchers investigate metastasison April 26, 2021 at 9:00 pm
Two members of the University of Colorado Cancer Center have received prestigious Idea Awards from the US Department of Defense's Peer Reviewed Cancer Research Program (PRCRP).
- Texans' Top 2021 NFL Draft Targetson April 26, 2021 at 6:00 am
The Houston Texans find themselves in an awkward position heading into the 2021 NFL draft. They only won four games this past season and could use a serious influx of ...
- Texans' Reid On Lovie's Defense: 'Go Get The Ball'on April 25, 2021 at 4:26 pm
Houston Texans starting safety Justin Reid speaks on the performance of their 2020 defense and that changes heading their way under defensive coordinator Lovie Smith.
- How Israel’s missile defense organization is preparing for the threats of the futureon April 23, 2021 at 2:45 pm
The head of the Israel Missile Defense Organization explains what threats the agency needs to be prepared for in the future.
- Inovio Shares Slump as Defense Department Ceases Vaccine Fundingon April 23, 2021 at 7:01 am
The Department of Defense will fund ... rather a fast-moving environment associated with the former Operation Warp Speed on decisions related to future products." The U.S. met President Joe Biden’s ...
- KBR Centauri to develop synthetic aperture radar detection algorithms to image ground moving targetson April 21, 2021 at 2:42 am
MTR revolves around recognizing slow-moving military vehicle targets with synthetic aperture radar (SAR) signatures that are superimposed on clutter.
via Bing News