Publication:
A Technique for Presenting a Deceptive Dynamic Network Topology

Loading...
Thumbnail Image
Authors
Trassare, Samuel T.
Subjects
Topological deception, military deception, traceroute, network defense
Advisors
Beverly, Robert
Date of Issue
2013-03
Date
Mar-13
Publisher
Monterey, California: Naval Postgraduate School
Language
Abstract
Adversaries scan Department of Defense networks looking for vulnerabilities that allow surveillance or the embedding of destructive malware weapons. In cyberspace, adversaries either actively probe or passively observe defended computer networks in attempts to determine, among other attributes, the topology of the network. We develop a novel strategic deceptive methodology, based on principles of military deception, for deceiving a malicious traceroute probe in defense of a physical data communications network. We construct a proof-of-concept network to show that a remote adversary who uses traceroute to map the defended network_s topology can be presented with a false route of the defender_s choosing. Akin to military deception operations in the field and at sea, a network that employs a deception scheme implemented on an intelligent border router can present a deceptive topology to an adversary. Our experiments show that a defender using our technique can successfully deceive a traceroute probe, the first in a sequence of steps to mount a credible deception scheme against an adversary.
Type
Description
Department
Cyber Academic Group
Other Units
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined
in Title 17, United States Code, Section 101. As such, it is in the
public domain, and under the provisions of Title 17, United States
Code, Section 105, is not copyrighted in the U.S.
Collections