Moving target defense against network reconnaissance with softwaredefined networking

Li Wang, Dinghao Wu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

18 Scopus citations

Abstract

Online hosts and networks are easy targets of network attacks due to their static nature, which creates an information asym- metry and makes them easy to attack and hard to defend. To break the asymmetry, Moving Target Defense was proposed to bring uncertainties to computer systems. It can be applied to all levels of protections, cov- ering applications, system software, operating systems, and networks. In this paper, we present, Sniffer Reflector, a new method to practice Moving Target Defense against network reconnaissance, which is usually considered as the very first step of most attacks. Sniffer Reflector employs Software-Defined Networking to disturb network reconnaissance. We use virtualization to provide an obfuscated reconnaissance result for attack- ers. Our method can be easily combined with existing security tools for network forensics as well. We have developed a prototype in a virtual local area network. Our experiment results show that Sniffer Reflector is effective and efficient in blurring various network reconnaissance.

Original languageEnglish (US)
Title of host publicationInformation Security - 19th International Conference, ISC 2016, Proceedings
EditorsMatt Bishop, Anderson C.A. Nascimento
PublisherSpringer Verlag
Pages203-217
Number of pages15
ISBN (Print)9783319458700
DOIs
StatePublished - 2016
Event19th Annual International Conference on Information Security, ISC 2016 - Honolulu, United States
Duration: Sep 3 2016Sep 6 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9866 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other19th Annual International Conference on Information Security, ISC 2016
Country/TerritoryUnited States
CityHonolulu
Period9/3/169/6/16

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Moving target defense against network reconnaissance with softwaredefined networking'. Together they form a unique fingerprint.

Cite this