Defeating Adversary Network Intelligence Efforts with Active Cyber Defense Techniques

Abstract

The purpose of this research was to assess the potential of dynamic network reconfiguration and decoys to defeat adversary network reconnaissance efforts, thereby improving network defense. Specifically, this study sought to determine whether the strategy has merit and thus warrants more resource-intensive research and engineering studies. The research objective was achieved through a comprehensive literature review and a limited technology survey. The key topics examined in the literature review include the network attack process, network defense strategies, deception, and continuous unpredictable change. Many candidate technologies were surveyed, but only the three identified as high potential were examined in detail: address hopping, honeypots and network telescopes. The following conclusions were reached: (a) the concept has merit and should be pursued further - dynamic network reconfiguration and decoys have demonstrated effectiveness in controlled experiments; (b) it is achievable in the near term - the essential technologies are available today; and (c) extensive analysis and engineering are needed to determine which technologies are appropriate, how and where to integrate them into our networks, and how to employ them most effectively.

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2008
Accession Number
ADA488411

Entities

People

  • Keith A. Repik

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Engineered Resilient Systems
  • Space

DTIC Thesaurus Topics

  • Air Force
  • Application Protocols
  • Computer Network Security
  • Cyber Defense Techniques
  • Cybersecurity
  • Electronic Mail
  • Engineering
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Local Area Networks
  • Network Architecture
  • Network Protocols
  • Network Science
  • Operating Systems
  • Security Protocols
  • Warfare

Readers

  • Cybersecurity
  • Distributed Systems and Data Platform Development
  • Systems Analysis and Design

Technology Areas

  • Cyber
  • Space