Research Summaries

Darknet and DoD Networks: Obfuscation, Spoof Detection, and Elimination

Fiscal Year: 2015
Division: Research & Sponsored Programs
Department: Naval Research Program
Investigator(s): Gallup, Shelley P.
Sponsor: NPS Naval Research Program (Navy)
Summary: The pervasiveness of network traffic lacking attribution inhibits the deterrence of malicious online actors. Without attribution, malicious actors can launch near-anonymous cyber attacks with relative impunity - and may even redirect reprisal. Shortcomings in attribution would be less of a concern if anonymous relay network traffic could be discerned from non-relay traffic and blocked due to its anonymity. This work is a preliminary exploration into statistically identifiable online anonymity characteristics of network traffic. Network traffic characteristics will be observed and analyzed to determine if anonymous relay traffic may be discerned from types of non-relay traffic. The method applies Bayesian logic (using the knowledge of prior events to predict future events) to determine if online identities originate from anonymous relays by examining three characteristics of anonymous network traffic: 1) network traffic packet header offset, 2) logical port continuity, and 3) network packet round-trip timing.
Keywords
Publications: Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal.