Publication | Closed Access
Dynamic approaches to thwart adversary intelligence gathering
Citations: 150
References: 0
Year: 2002
Venue: Unknown
The DARPA Information Assurance Program conducted initial research in the area of dynamic network defense, aiming to prove that dynamic network reconfiguration would inhibit an adversary's ability to gather intelligence and thus degrade the adversary's ability to launch a successful attack. A technique that enabled dynamic network address translation of the IP address and TCP port number combinations in packet headers was implemented in an experimental network. Two tests were conducted: one to demonstrate that it is possible to disrupt an adversary's ability to sniff network traffic effectively, and another to show that the ability of intrusion detection tools to detect an adversary can be improved. The tests were successful.