Cloud-based deception against network reconnaissance attacks using SDN and NFV

Show simple item record

dc.contributor.author Aydeger, Abdullah
dc.contributor.author Saputro, Nico
dc.contributor.author Akkaya, Kemal
dc.date.accessioned 2023-04-04T07:59:23Z
dc.date.available 2023-04-04T07:59:23Z
dc.date.issued 2020
dc.identifier.issn 978-1-7281-7158-6
dc.identifier.other maklhsc755
dc.identifier.uri http://hdl.handle.net/123456789/14785
dc.description Makalah dipresentasikan pada IEEE 45th Conference on Local Computer Networks (LCN). November 2020. p. 279-285. en_US
dc.description.abstract An attacker’s success crucially depends on the reconnaissance phase of Distributed Denial of Service (DDoS) attacks, which is the first step to gather intelligence. Although several solutions have been proposed against network reconnaissance attacks, they fail to address the needs of legitimate users’ requests. Thus, we propose a cloud-based deception framework which aims to confuse the attacker with reconnaissance replies while allowing legitimate uses. The deception is based on forwarding the reconnaissance packets to a cloud infrastructure through tunneling and SDN so that the returned IP addresses to the attacker will not be genuine. For handling legitimate requests, we create a reflected virtual topology in the cloud to match any changes in the original physical network to the cloud topology using SDN. Through experimentations on GENI platform, we show that our framework can provide reconnaissance responses with negligible delays to the network clients while also reducing the management costs significantly en_US
dc.language.iso en en_US
dc.publisher IEEE en_US
dc.title Cloud-based deception against network reconnaissance attacks using SDN and NFV en_US
dc.type Conference Papers en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search UNPAR-IR


Advanced Search

Browse

My Account