This paper proposes a comprehensive strategy for dynamically managing security elements in network routing and intrusion detection systems. Working with both real and faux data, the system considers several detection methods, such as rule-based, stateful, and intelligent detection, alongside anomaly recognition and attack classification. Key features include monitoring system integrity, isolating attacks, redirecting them away from critical systems, and using artificial opponents to enhance data collection. Watermarking techniques are employed to create believable faux data that misinforms attackers, and the stored watermark serves as evidence of an attack, since the data may end up stored on the attacker's system or used in extortion schemes.
Flytrap: A Proposed Network-Based Strategy for Dynamically Managing Security
System Elements
• Network routing
• Intrusion Detection
• Artificial Opponent
• Attack Database
• “Real” Systems
• “Faux” Systems
• Real data
• Faux data
• Faux Data Watermarking
Detection Strategies
• No detection
• Rule-based detection
• Simple firewall (stateless)
• Stateful detection
• Intelligent detection
• Anomaly detection
• Attack classification
Observation
• Monitor integrity of all systems
• Isolate attacks to appropriate systems
• Redirect attacks away from real systems
• Generate attack logs usable by IDS and artificial opponents
• Use an artificial opponent to collect more data
• Conduct observation on system containing no “real” data
(Mis)information
• Use dynamically generated data to misinform attacker
• Create a “believable” yet harmless base
• Use a watermarking algorithm to produce variations on base
• Store watermark as evidence of attack
• Data may be stored on attacker’s system
• Data may be used in extortion schemes
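
The watermarking steps listed above, as an added example that is not part of the original slides: each session is served a keyed variation of a harmless base record, the watermark is stored as evidence, and a copy found later is matched back to its session even after one field was altered. The slides do not name an algorithm; the HMAC-derived bit selection, the field names, the key and the session ids are all assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed "believable yet harmless" base record. Each field has two
# interchangeable renderings, so each choice carries one watermark bit.
BASE = [
    ("contact", ("J. Smith", "John Smith")),
    ("dept", ("R&D", "Research and Development")),
    ("phone", ("555-0100", "555 0100")),
    ("site", ("Bldg 4", "Building 4")),
    ("status", ("active", "Active")),
    ("budget", ("120000", "120,000")),
    ("review", ("Q3", "3rd quarter")),
    ("owner", ("ops", "operations")),
]

def watermark_bits(key: bytes, session_id: str) -> list:
    """Derive one keyed bit per field for an attack session (HMAC-SHA256)."""
    digest = hmac.new(key, session_id.encode(), hashlib.sha256).digest()
    return [(digest[i // 8] >> (i % 8)) & 1 for i in range(len(BASE))]

def make_faux(key: bytes, session_id: str) -> dict:
    """Produce the variation of the base served to this session."""
    bits = watermark_bits(key, session_id)
    return {name: forms[b] for (name, forms), b in zip(BASE, bits)}

def extract_bits(record: dict) -> list:
    """Recover bits from a found copy; None where a field was altered or lost."""
    return [forms.index(record[name]) if record.get(name) in forms else None
            for name, forms in BASE]

def attribute(record: dict, evidence: dict) -> list:
    """Sessions whose stored watermark agrees with every surviving bit."""
    found = extract_bits(record)
    if all(b is None for b in found):
        return []  # nothing survived, so nothing can be attributed
    return [sid for sid, bits in evidence.items()
            if all(f is None or f == b for f, b in zip(found, bits))]

if __name__ == "__main__":
    key = b"constructed-demo-key"                    # placeholder secret
    sessions = ["sess-001", "sess-002", "sess-003"]  # constructed ids
    evidence = {s: watermark_bits(key, s) for s in sessions}  # stored at serve time
    leaked = make_faux(key, "sess-002")
    leaked["phone"] = "redacted"                     # one field edited after theft
    print(attribute(leaked, evidence))
```

Eight carrier fields give only 256 distinct watermarks, so more than one session can match; a base with more variable fields narrows the attribution.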