Computer networks may never float like a butterfly, but Penn State information scientists suggest that creating nimble networks that can sense jabs from hackers could help deflect the stinging blows of those attacks.
“Because of the static nature of a computer network, the attacker has a time advantage,” said Dinghao Wu, assistant professor of information sciences and technology. “Hackers can spend a month, two months, six months or more just studying the network and finding vulnerabilities. When they return to use that information to attack, the network typically has not changed and those vulnerabilities are still there, too.”
The researchers, who release their findings at the Information Security Conference held in Honolulu today (Sept. 8), created a computer defense system that senses possible malicious probes of the network and then redirects that attack to a virtual network that offers little information about the real network.
Typically, the first step a hacker takes when attacking a network is a probe to gain information about the system — for example, what software types and versions, operating systems and hardware the network is running. Instead of trying to stop these hackers’ scans, researchers set up a detector to monitor incoming web traffic to determine when hackers are scanning the network.
“We can’t realistically stop all scanning activities, but we can usually tell when a malicious scan is happening,” said Wu. “If it’s a large-scale scan, it is usually malicious.”
Once a malicious scan is detected, the researchers use a network device — called a reflector — to redirect that traffic to a decoy, or shadow network, according to Li Wang, a doctoral candidate in information sciences and technology, who worked with Wu. The shadow network is isolated and invisible from the real network, but can mimic the structure of a physical network to fool the hackers into believing they are receiving information about an actual network.
“A typical strategy would be to create a shadow network environment that has the same look as the protection domain,” said Wang. “It can have the same number of nodes, network topology and configurations to fool the hacker. These shadow networks can be created to simulate complex network structures.”
The system, which is a type of defense known in the computer industry as a moving target defense, also gives network administrators the option to more easily change parts of the shadow network’s virtual system, making it even more difficult for hackers to assess the success of their scans.
Because the reflector can act as a regular network device when no malicious attacks are present, there should be little effect on the real network’s performance and functionality, according to Wu.
The researchers created a prototype for the system and tested it on a simulated network that runs on a computer — a virtual local area network. This allowed them to simulate both the attack and defense without using an actual network. The prototype was able to sense the incoming scan and deflect it to a shadow network.
According to the researchers, the information that was gathered from the attack scan only produced information from the shadow network.
Wu said the next step is to deploy the system in an actual network.
Learn more:Â Setting up a decoy network may help deflect a hacker’s hits
The Latest on: Moving target defense
[google_news title=”” keyword=”Moving target defense” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]
via Google News
The Latest on: Moving target defense
- Morphisec Launches Anti-Ransomware Assurance Suite Powered by Automated Moving Target Defenseon April 18, 2024 at 12:20 am
Morphisac, a provider of prevention-first cybersecurity software, launched its Anti-Ransomware Assurance Suite, which aims to help organizations pre-emptively reduce exposure to cyber r ...
- USAF Using New Authority On Early Moving Target Indication, Resilient GPSon April 16, 2024 at 6:21 pm
USAF Using New Authority On Early Moving Target Indication, Resilient GPS is published in Aerospace Daily & Defense Report, an Aviation Week Intelligence Network (AWIN) Market Briefing and is included ...
- Air Force to get a head start on GPS, target tracking effortson April 16, 2024 at 6:29 am
The service's first two Quick Start efforts involve boosting GPS resilience and advancing moving target indication capabilities.
- Morphisec Unveils Anti-Ransomware Assurance Suite for Proactive Cyber Defenseon April 16, 2024 at 2:44 am
Morphisec has launched the Anti Ransomware Assurance Suite with Automated Moving Target Defense (AMTD) to reduce exposure to cyber risk.
- Trudeau nudges defense spending closer to NATO targeton April 16, 2024 at 2:00 am
Ottawa will ramp up its defense spending with an C$8.1 billion-cash injection, moving it from 1.38 to 1.76 percent of GDP by 2029-30 — missing the 2-percent target over the next five years and with ...
- In a budgetary first, Air Force will launch two programs without asking Congress in advanceon April 15, 2024 at 5:00 pm
The service will start projects to improve GPS and track moving targets under the “quick-start initiative” greenlit by lawmakers in the 2024 National Defense Authorization Act. It allows ...
- The status quo has become a moving target as college basketball ramps up to March Madnesson March 18, 2024 at 6:06 pm
Experience, defense, rebounding ... The status quo has become a moving target and everyone has to adapt.
- Air defense for $13 a shot? How lasers could revolutionize the way militaries counter enemy missiles and droneson March 13, 2024 at 7:52 pm
The Defense Ministry says the DragonFire can ... and the lasers must stay locked on moving targets for up to 10 seconds to burn holes in them, Boyd said. The British are not the first in ...
- Precision strikes on moving targets: U.S. upgrades HIMARS rockets for mobile target capabilityon October 13, 2023 at 2:40 pm
Former Ukraine's Defense Minister, Oleksii Reznikov, previously noted that Ukraine needed approximately 50 HIMARS systems to halt the Russian army's advances and around 100 for an effective ...
via Bing News