Title :
Dynamic approaches to thwart adversary intelligence gathering
Author :
Kewley, Dorene ; Fink, Russ ; Lowry, John ; Dean, Mike
Abstract :
The DARPA Information Assurance Program did initial research in the area of dynamic network defense, trying to prove that dynamic network reconfiguration would inhibit an adversary´s ability to gather intelligence, and thus degrade the ability to successfully launch an attack. A technique that enabled dynamic network address translation of the IP address and TCP port number combinations in packet headers was implemented in an experimental network. Two tests were conducted: one to demonstrate that it is possible to disrupt an adversary´s ability to sniff network traffic effectively, and another to show that the ability of intrusion detection tools to detect an adversary can be improved. The tests were successful
Keywords :
computer networks; military computing; security of data; telecommunication security; DARPA Information Assurance Program; IP address; TCP port number; adversary intelligence gathering; dynamic network address translation; dynamic network defense; dynamic network reconfiguration; intrusion detection; network traffic; Computer hacking; Degradation; IP networks; Intelligent networks; Intrusion detection; Network address translation; Protocols; TCPIP; Testing; Time factors;
Conference_Titel :
DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
Conference_Location :
Anaheim, CA
Print_ISBN :
0-7695-1212-7
DOI :
10.1109/DISCEX.2001.932214
