Active Computer Network Defense: An Assessment
AIR UNIV MAXWELL AFB AL
Pagination or Media Count:
A Presidential Commission, several writers, and numerous network security incidents have called attention to the potential vulnerability of the Defense Information Infrastructure DII to attack, Transmission Control ProtocolInternet Protocol TCPIP networks are inherently resistant to physical attack because of their decentralized structure, but are vulnerable to CNA, Passive defenses can be very effective in forestalling CNA, but their effectiveness relies on the capabilities and attentiveness of system administrators and users, There are still many measures that can be taken to improve the effectiveness of passive defenses, and one of these is active defense, It can be divided into three categories preemptive attacks, counterattacks, and active deception. Preemptive attacks show little potential for affecting an adversarys CNA capabilities, since these are likely to remain isolated from the Internet until actually beginning their attack, Counterattacks show more promise, but only if begun early enough to permit all preparatory activities to be completed before the adversarys CNA is completed, Active deception also shows promise, but only as long as intrusions can be detected quickly and accurately, and adversaries redirected into dummy networks, Active and passive defense measures can work synergistically, to strengthen one another.
- Computer Systems
- Computer Systems Management and Standards