Visible to the public Defending Web Servers with Feints, Distraction and Obfuscation

Submitted by grigby1 on Fri, 05/15/2020 - 12:00pm
TitleDefending Web Servers with Feints, Distraction and Obfuscation
Publication TypeConference Paper
Year of Publication2018
AuthorsFraunholz, Daniel, Schotten, Hans D.
Conference Name2018 International Conference on Computing, Networking and Communications (ICNC)
ISBN Number978-1-5386-3652-7
KeywordsComputer crime, computer network security, cyber threat landscape, Databases, deception based information security, deceptive counter measure abilities, deceptive defense strategies, delay strategies, delays, file servers, honeytokens, Internet, IP networks, Network reconnaissance, pubcrawl, Reconnaissance, reconnaissance process, resilience, Resiliency, robots, Scalability, security strategies, Web servers
Abstract

In this paper we investigate deceptive defense strategies for web servers. Web servers are widely exploited resources in the modern cyber threat landscape. Often these servers are exposed in the Internet and accessible for a broad range of valid as well as malicious users. Common security strategies like firewalls are not sufficient to protect web servers. Deception based Information Security enables a large set of counter measures to decrease the efficiency of intrusions. In this work we depict several techniques out of the reconnaissance process of an attacker. We match these with deceptive counter measures. All proposed measures are implemented in an experimental web server with deceptive counter measure abilities. We also conducted an experiment with honeytokens and evaluated delay strategies against automated scanner tools.
URLhttps://ieeexplore.ieee.org/document/8390365
DOI10.1109/ICCNC.2018.8390365
Citation Keyfraunholz_defending_2018
Groups: