Cloud-based Deception against Network Reconnaissance Attacks using SDN and NFV
Title | Cloud-based Deception against Network Reconnaissance Attacks using SDN and NFV |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Aydeger, A., Saputro, N., Akkaya, K. |
Conference Name | 2020 IEEE 45th Conference on Local Computer Networks (LCN) |
Date Published | Nov. 2020 |
Publisher | IEEE |
ISBN Number | 978-1-7281-7158-6 |
Keywords | cloud computing, Computer crime, control systems, denial-of-service attack, IP networks, Network reconnaissance, pubcrawl, Reconnaissance, resilience, Resiliency, Scalability, Servers |
Abstract | An attacker's success crucially depends on the reconnaissance phase of Distributed Denial of Service (DDoS) attacks, which is the first step to gather intelligence. Although several solutions have been proposed against network reconnaissance attacks, they fail to address the needs of legitimate users' requests. Thus, we propose a cloud-based deception framework which aims to confuse the attacker with reconnaissance replies while allowing legitimate uses. The deception is based on for-warding the reconnaissance packets to a cloud infrastructure through tunneling and SDN so that the returned IP addresses to the attacker will not be genuine. For handling legitimate requests, we create a reflected virtual topology in the cloud to match any changes in the original physical network to the cloud topology using SDN. Through experimentations on GENI platform, we show that our framework can provide reconnaissance responses with negligible delays to the network clients while also reducing the management costs significantly. |
URL | https://ieeexplore.ieee.org/document/9314797 |
DOI | 10.1109/LCN48667.2020.9314797 |
Citation Key | aydeger_cloud-based_2020 |