Enabling Defensive Deception by Leveraging Software Defined Networks
Abstract
Computer networks are critical for modern society and protecting their security is of high importance. Due to their increasing size and complexity providing the required cyber security counter measures has become a very difficult task. One of the most recent approaches is to employ defensive deception techniques, in order to provide to the attacker a false perception about the protected network and thus increase the effort that is needed to carry on a successful intrusion. In this paper we present a comprehensive literature review and a comparison of existing SDN based defensive deception methods. Additionally, we propose a novel deception mechanism that combines moving target and honeypots approaches and carry out extensive tests of its functionality.