TY - GEN
T1 - Moving target defense against network reconnaissance with softwaredefined networking
AU - Wang, Li
AU - Wu, Dinghao
N1 - Publisher Copyright:
© Springer International Publishing Switzerland 2016.
PY - 2016
Y1 - 2016
N2 - Online hosts and networks are easy targets of network attacks due to their static nature, which creates an information asym- metry and makes them easy to attack and hard to defend. To break the asymmetry, Moving Target Defense was proposed to bring uncertainties to computer systems. It can be applied to all levels of protections, cov- ering applications, system software, operating systems, and networks. In this paper, we present, Sniffer Reflector, a new method to practice Moving Target Defense against network reconnaissance, which is usually considered as the very first step of most attacks. Sniffer Reflector employs Software-Defined Networking to disturb network reconnaissance. We use virtualization to provide an obfuscated reconnaissance result for attack- ers. Our method can be easily combined with existing security tools for network forensics as well. We have developed a prototype in a virtual local area network. Our experiment results show that Sniffer Reflector is effective and efficient in blurring various network reconnaissance.
AB - Online hosts and networks are easy targets of network attacks due to their static nature, which creates an information asym- metry and makes them easy to attack and hard to defend. To break the asymmetry, Moving Target Defense was proposed to bring uncertainties to computer systems. It can be applied to all levels of protections, cov- ering applications, system software, operating systems, and networks. In this paper, we present, Sniffer Reflector, a new method to practice Moving Target Defense against network reconnaissance, which is usually considered as the very first step of most attacks. Sniffer Reflector employs Software-Defined Networking to disturb network reconnaissance. We use virtualization to provide an obfuscated reconnaissance result for attack- ers. Our method can be easily combined with existing security tools for network forensics as well. We have developed a prototype in a virtual local area network. Our experiment results show that Sniffer Reflector is effective and efficient in blurring various network reconnaissance.
UR - http://www.scopus.com/inward/record.url?scp=84988446563&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84988446563&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-45871-7_13
DO - 10.1007/978-3-319-45871-7_13
M3 - Conference contribution
AN - SCOPUS:84988446563
SN - 9783319458700
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 203
EP - 217
BT - Information Security - 19th International Conference, ISC 2016, Proceedings
A2 - Bishop, Matt
A2 - Nascimento, Anderson C.A.
PB - Springer Verlag
T2 - 19th Annual International Conference on Information Security, ISC 2016
Y2 - 3 September 2016 through 6 September 2016
ER -