Cyber Moat: Adaptive Virtualized Network Framework for Deception and Disinformation

Abstract

There is an ever-growing dependency on computer network for modern society. More and more enterprises and companies build their business on the networked information system. Current enterprise networks are usually built with static topology and fixed network configuration. An attacker has long enough time to scan and collect the network information and develop sophisticated exploits for future attack. We propose to design and develop an adaptive deception and disinformation system called Cyber Moat that protects a real system through hiding it in a continuouslymorphing virtual network and serves disinformation (false statements) with a novel Decoy Master/Agent mechanism to convince the trapped attackers of untruth. We can achieve both deception and disinformation goals using a flexible dynamic virtualized network framework.Key innovative claims of our approach include a relatively stable network mirage can trap attackers into believing that they have succeeded in penetrating the real system, while they actually only penetrate one or more of the mirage nodes and a continuously morphing virtualized network projected by our deceptive cyber moat can successfully confuse and frustrate adversaries by preventing them from ever achieving an accurate enough understanding of our real system, and hence prevent system penetration.

Document Details

Document Type

DoD Grant Award

Publication Date

Nov 23, 2016

Source ID

N000141613216

Entities

Tags