CINDAM: Customized Information Networks for Deception and Attack Mitigation

Abstract

The topology of networks typically remains static over long periods of time, giving attackers the advantage of long planning cycles to develop, test, and refine targeted attacks. The CINDAM design preempts the attacker by creating ephemeral, per-host views of the protected enclave to transform the constant topology of computing networks into deceptive, mutable, and individualized ones that are able to impede nation-state attacks while still providing mission services to legitimate users. CINDAM achieves this deception without affecting network operations and without modifying client and server software. CINDAM is being implemented using software-defined networking technology for a cost-effective cyber deception solution.