Design and Implementation of Decoy Enhanced Dynamic Virtualization Networks

Abstract

Sophisticated adversaries usually initiate their attacks with a reconnaissance phase to discover exploitable vulnerabilities on the targeted networks and systems. This attacking strategy works well due to the static nature of the network topology. To mitigate the effectiveness of reconnaissance attacks, we propose to develop a defensive mechanism that dynamically mutates network topology with a large number of decoys to invalidate the attacker's knowledge from network scanning. In this work, we focus on solving two major challenges associated with dynamic network topology, namely, service availability to legitimate users and service security against unauthorized users.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 12, 2016
Accession Number
AD1023928

Entities

People

  • Kun Sun

Organizations

  • College of William & Mary

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems
  • Materials and Manufacturing Processes
  • Weapons Technologies

DTIC Thesaurus Topics

  • Computer Science
  • Computers
  • Cybersecurity
  • Information Operations
  • Information Security
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Monitoring
  • Moving Target Defense
  • Moving Targets
  • Network Topology
  • Operating Systems
  • Reliability
  • Security
  • Universities
  • Virtualization

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Neural Network Machine Learning.