Thwarting Adversarial Network Reconnaissance Through Vulnerability Scan Denial and Deception with Data Plane Programming and P4

Bibliographic Details
Main Authors: Ha, Sean, Smith, Gavin, Starr, Robert
Format: Conference Proceeding
Language: English
Subjects:
Description
Summary: This paper presents a novel application of Data-Plane Programming technology for denial, deception, and engagement with cyber adversaries that are performing active network reconnaissance: specifically, a network-based vulnerability assessment. Data-Plane Programming enables "programmable" network switches and routers to manipulate and modify the overall structure of network traffic packets, with the goal of zeroing out (nulling) metadata signatures that serve as indicators of vulnerability, which an adversary may use as intel to inform and guide their attacks. This proposed approach targets manipulation of network scan packets to present a distorted, deceptive state of the network's attack surface and vulnerability landscape.
ISSN: 2155-7586
DOI: 10.1109/MILCOM58377.2023.10356213