Dynamic approaches to thwart adversary intelligence gathering

Author

Kewley, Dorene ; Fink, Russ ; Lowry, John ; Dean, Mike

Volume

1

fYear

2001

fDate

2001

Firstpage

176

Abstract

The DARPA Information Assurance Program did initial research in the area of dynamic network defense, trying to prove that dynamic network reconfiguration would inhibit an adversary´s ability to gather intelligence, and thus degrade the ability to successfully launch an attack. A technique that enabled dynamic network address translation of the IP address and TCP port number combinations in packet headers was implemented in an experimental network. Two tests were conducted: one to demonstrate that it is possible to disrupt an adversary´s ability to sniff network traffic effectively, and another to show that the ability of intrusion detection tools to detect an adversary can be improved. The tests were successful

Keywords

computer networks; military computing; security of data; telecommunication security; DARPA Information Assurance Program; IP address; TCP port number; adversary intelligence gathering; dynamic network address translation; dynamic network defense; dynamic network reconfiguration; intrusion detection; network traffic; Computer hacking; Degradation; IP networks; Intelligent networks; Intrusion detection; Network address translation; Protocols; TCPIP; Testing; Time factors;

fLanguage

English

Publisher

ieee

Conference_Titel

DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings

Conference_Location

Anaheim, CA

Print_ISBN

0-7695-1212-7

Type

conf

DOI

10.1109/DISCEX.2001.932214

Filename

932214