ShadowNet: An active defense infrastructure for insider cyber attack prevention

Xiaohui Cui, Wade Gasior, Justin Beaver, Jim Treadwell

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; peer-review

1 Scopus citations

Abstract

The ShadowNet infrastructure for insider cyber attack prevention comprises a tiered server system that can dynamically redirect dangerous or suspicious network traffic away from production servers, which provide web, FTP, database and other vital services, to cloned virtual machines in a quarantined environment. This is done transparently from the point of view of both the attacker and normal users. Existing connections, such as SSH sessions, are not interrupted. Any malicious activity performed by the attacker on a quarantined server is not reflected on the production server. The attacker is provided services from the quarantined server, which creates the impression that the attacks performed are successful. The attacker's activities on the quarantined system can be recorded, much as on a honeypot system, for forensic analysis.

Original language: English
Title of host publication: Computational Science and Its Applications - 12th International Conference, ICCSA 2012, Proceedings
Pages: 646-653
Number of pages: 8
Edition: PART 4
State: Published - 2012
Event: 12th International Conference on Computational Science and Its Applications, ICCSA 2012 - Salvador de Bahia, Brazil
Duration: Jun 18 2012 → Jun 21 2012

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Number: PART 4
Volume: 7336 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 12th International Conference on Computational Science and Its Applications, ICCSA 2012
Country/Territory: Brazil
City: Salvador de Bahia
Period: 06/18/12 → 06/21/12
