Summaries - Office of Research & Innovation
Research Summaries
Back Fossilhunt Phase III: Software Development for Network Deception Technologies
Fiscal Year | 2017 |
Division | Graduate School of Operational & Information Sciences |
Department | Computer Science |
Investigator(s) | Beverly, Robert E. |
Sponsor | Laboratory for Telecommunications Sciences (DoD) |
Summary |
Based on NPS’s previous research into robust network measurement, we have identified two of our state-of-the-art techniques that represent a significant opportunity to provide new network reconnaissance abilities. With additional software research and development, our techniques can enhance operational network security while giving new insights into the behavior of real-world networks. As in past years, the high-level goals of this project are to advance the state of the art in both network deception, and detection of network deception. This statement of work seeks to extend, enhance, and test two specific tools of recognized value to the sponsor. As such, we propose two primary development thrusts: 1) Enhancing the capabilities of our novel high-speed active mapping tool, Yarrp 2) Deployment and testing of our novel scalable network tarpit tool, Greasy In this continuing effort, we will add new probing capabilities to Yarrp (IPv6, UDP IPv4), utilize new block ciphers to increase its scanning speed, decouple probe transmission from collection, and collaborate with CAIDA to deploy Yarrp in continuous production on a distributed collection of dedicated vantage points. In parallel, we will validate our recent work on the Greasy network tarpit by deploying it in both IPv4 and IPv6 production environments and performing extensive testing to ensure a production-ready tool. We anticipate the successful completion of these two efforts to yield significant new defensive capabilities for the sponsor. |
Keywords | Deception Measurement Network Security |
Publications | Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal |
Data | Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal |