Visible to the public Cloud-based Deception against Network Reconnaissance Attacks using SDN and NFV

TitleCloud-based Deception against Network Reconnaissance Attacks using SDN and NFV
Publication TypeConference Paper
Year of Publication2020
AuthorsAydeger, A., Saputro, N., Akkaya, K.
Conference Name2020 IEEE 45th Conference on Local Computer Networks (LCN)
Date PublishedNov. 2020
PublisherIEEE
ISBN Number978-1-7281-7158-6
Keywordscloud computing, Computer crime, control systems, denial-of-service attack, IP networks, Network reconnaissance, pubcrawl, Reconnaissance, resilience, Resiliency, Scalability, Servers
Abstract

An attacker's success crucially depends on the reconnaissance phase of Distributed Denial of Service (DDoS) attacks, which is the first step to gather intelligence. Although several solutions have been proposed against network reconnaissance attacks, they fail to address the needs of legitimate users' requests. Thus, we propose a cloud-based deception framework which aims to confuse the attacker with reconnaissance replies while allowing legitimate uses. The deception is based on for-warding the reconnaissance packets to a cloud infrastructure through tunneling and SDN so that the returned IP addresses to the attacker will not be genuine. For handling legitimate requests, we create a reflected virtual topology in the cloud to match any changes in the original physical network to the cloud topology using SDN. Through experimentations on GENI platform, we show that our framework can provide reconnaissance responses with negligible delays to the network clients while also reducing the management costs significantly.

URLhttps://ieeexplore.ieee.org/document/9314797
DOI10.1109/LCN48667.2020.9314797
Citation Keyaydeger_cloud-based_2020