Home

Automating the Injection of Believable Decoys to Detect Snooping

Brian M. Bowen; Vasileios Kemerlis; Pratap Rabhu; Angelos D. Keromytis; Salvatore Stolfo

Title:
Automating the Injection of Believable Decoys to Detect Snooping
Author(s):
Bowen, Brian M.
Kemerlis, Vasileios
Rabhu, Pratap
Keromytis, Angelos D.
Stolfo, Salvatore
Date:
Type:
Articles
Department:
Computer Science
Permanent URL:
Book/Journal Title:
WiSec'10: Proceedings of the Third ACM Conference on Wireless Network Security: Hoboken, New Jersey, March 22-24, 2010
Publisher:
Association for Computing Machinery
Publisher Location:
New York
Abstract:
We propose a novel trap-based architecture for enterprise networks that detects "silent" attackers who are eavesdropping network traffic. The primary contributions of our work are the ease of injecting, automatically, large amounts of believable bait, and the integration of various detection mechanisms in the back-end. We demonstrate our methodology in a prototype platform that uses our decoy injection API to dynamically create and dispense network traps on a subset of our campus wireless network. Finally, we present results of a user study that demonstrates the believability of our automatically generated decoy traffic.
Subject(s):
Computer science
Publisher DOI:
10.1145/1741866.1741880
Item views:
142
Metadata:
text | xml

In Partnership with the Center for Digital Research and Scholarship at Columbia University Libraries/Information Services | Terms of Use