acm-header
Sign In

Communications of the ACM

ACM TechNews

Setting Up a Decoy Network May Help Deflect a Hacker's Hits


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Instead of trying to stop a hacker's scan, researchers set up a detector to monitor incoming web traffic to determine when hackers are scanning the network.

Researchers at Pennsylvania State University created a computer defense system that detects possible malicious probes of a network and redirects such an attack to a virtual network that offers little information about the real network.

Credit: Vladimir Timofeev/iStock

Pennsylvania State University (PSU) researchers have created a computer defense system that senses possible malicious probes of a network and then redirects the attack to a virtual network that offers little information about the real network.

The team says they used a network device, called a reflector, to redirect traffic to a decoy, or shadow network.

"We can't realistically stop all scanning activities, but we can usually tell when a malicious scan is happening," says PSU professor Dinghao Wu. "If it's a large-scale scan, it is usually malicious."

Isolated and invisible from the real network, the decoy network can mimic the structure of a physical network to fool hackers into believing they are receiving information about an actual network.

The team tested a prototype on a simulated network and it was able to sense the incoming scan and deflect it to a shadow network. The researchers say the information that was gathered from the attack scan only produced information from the shadow network.

Wu says the next step will be to implement the system in a real network.

From Penn State News
View Full Article

 

Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA


 

No entries found