28 May 2014 Bio-inspired diversity for increasing attacker workload
Author Affiliations +
Much of the traffic in modern computer networks is conducted between clients and servers, rather than client-toclient. As a result, servers represent a high-value target for collection and analysis of network traffic. As they reside at a single network location (i.e. IP/MAC address) for long periods of time. Servers present a static target for surveillance, and a unique opportunity to observe the network traffic. Although servers present a heightened value for attackers, the security community as a whole has shifted more towards protecting clients in recent years leaving a gap in coverage. In addition, servers typically remain active on networks for years, potentially decades. This paper builds on previous work that demonstrated a proof of concept leveraging existing technology for increasing attacker workload. Here we present our clean slate approach to increasing attacker workload through a novel hypervisor and micro-kernel, utilizing next generation virtualization technology to create synthetic diversity of the server's presence including the hardware components.
© (2014) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Stephen Kuhn, Stephen Kuhn, "Bio-inspired diversity for increasing attacker workload", Proc. SPIE 9119, Machine Intelligence and Bio-inspired Computation: Theory and Applications VIII, 91190I (28 May 2014); doi: 10.1117/12.2058682; https://doi.org/10.1117/12.2058682


Proactive malware detection
Proceedings of SPIE (June 17 2014)
Proceedings of SPIE (February 20 2001)

Back to Top