Visible to the public Biblio

Filters: Author is Krohmer, Daniel  [Clear All Filters]
Conference Paper
Fraunholz, Daniel, Krohmer, Daniel, Duque Anton, Simon, Schotten, Hans Dieter.  2018.  Catch Me If You Can: Dynamic Concealment of Network Entities. Proceedings of the 5th ACM Workshop on Moving Target Defense. :31–39.
In this paper, a framework for Moving Target Defense is introduced. This framework bases on three pillars: network address mutation, communication stack randomization and the dynamic deployment of decoys. The network address mutation is based on the concept of domain generation algorithms, where different features are included to fulfill the system requirements. Those requirements are time dependency, unpredictability and determinism. Communication stack randomization is applied additionally to increase the complexity of reconnaissance activity. By employing communication stack randomization, previously fingerprinted systems do not only differ in the network address but also in their communication pattern behavior. And finally, decoys are integrated into the proposed framework to detect attackers that have breached the perimeter. Furthermore, attacker's resources can be bound by interacting with the decoy systems. Additionally, the framework can be extended with more advanced Moving Target Defense methods such as obscuring port numbers of services.