Accession Number:

ADA467120

Title:

Intrusion Deception in Defense of Computer Systems

Descriptive Note:

Master's thesis

Corporate Author:

NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s):

Report Date:

2007-03-01

Pagination or Media Count:

59.0

Abstract:

We investigate deception in response to cyber-intrusion or trespassing on computer systems. We present a Response Framework that categorizes the types of response we can employ against intruders and show how intrusion deception has its place in this framework. To experiment, we put together tools and technologies such as Snort, VMware, and honeynets in a testbed open to attacks from the Internet. We wrote some Snort rules and ran Snort in inline mode to deceptively manipulate packets of attackers. Our results showed that attackers did react to our deceptions in some interesting ways, suggesting that intrusion deception is a viable response to intrusion.

Subject Categories:

  • Computer Programming and Software
  • Countermeasures

Distribution Statement:

APPROVED FOR PUBLIC RELEASE