Thwarting Adversarial Network Reconnaissance Through Vulnerability Scan Denial and Deception with Data Plane Programming and P4

Bibliographic Details
Published in MILCOM 2023 - 2023 IEEE Military Communications Conference (MILCOM) pp. 793 - 798
Main Authors Ha, Sean; Smith, Gavin; Starr, Robert
Format Conference Proceeding
Language English
Published IEEE 30.10.2023
Summary: This paper presents a novel application of Data-Plane Programming technology for denial, deception, and engagement with cyber adversaries that are performing active network reconnaissance: specifically, a network-based vulnerability assessment. Data-Plane Programming enables "programmable" network switches and routers to manipulate and modify the overall structure of network traffic packets, with the goal of zeroing out (nulling) metadata signatures that serve as indicators of vulnerability, which an adversary may use as intel to inform and guide their attacks. This proposed approach targets manipulation of network scan packets to present a distorted, deceptive state of the network's attack surface and vulnerability landscape.
ISSN: 2155-7586
DOI: 10.1109/MILCOM58377.2023.10356213