28 May 2014 Bio-inspired diversity for increasing attacker workload
Author Affiliations +
Much of the traffic in modern computer networks is conducted between clients and servers, rather than client-toclient. As a result, servers represent a high-value target for collection and analysis of network traffic. As they reside at a single network location (i.e. IP/MAC address) for long periods of time. Servers present a static target for surveillance, and a unique opportunity to observe the network traffic. Although servers present a heightened value for attackers, the security community as a whole has shifted more towards protecting clients in recent years leaving a gap in coverage. In addition, servers typically remain active on networks for years, potentially decades. This paper builds on previous work that demonstrated a proof of concept leveraging existing technology for increasing attacker workload. Here we present our clean slate approach to increasing attacker workload through a novel hypervisor and micro-kernel, utilizing next generation virtualization technology to create synthetic diversity of the server's presence including the hardware components.
© (2014) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Stephen Kuhn, Stephen Kuhn, } "Bio-inspired diversity for increasing attacker workload", Proc. SPIE 9119, Machine Intelligence and Bio-inspired Computation: Theory and Applications VIII, 91190I (28 May 2014); doi: 10.1117/12.2058682; https://doi.org/10.1117/12.2058682


Proactive malware detection
Proceedings of SPIE (June 18 2014)
Proceedings of SPIE (February 21 2001)
Using OpenSSH to secure mobile LAN network traffic
Proceedings of SPIE (August 06 2002)

Back to Top