Go to DBLP homepageVN-SMT: An SMT-based Construction Method on Virtual Network to Defend Insider Reconnaissance
Abstract: Due to networks’ static and homomorphic nature, experienced attackers can quickly get the target network’s topology and internal host information by scanning. The virtual network view prevents network reconnaissance by simulating a virtual network topology for the network hosts, to consume the attacker’s attack resources and time. However, deploying a virtual network view will reduce network throughput and increase network latency, and an unreasonable virtual network view configuration will waste resources and reduce Quality of Services(QoS). We, therefore, propose a method VN-SMT that can rationally configure virtual network view. This method generates an optimal virtual network view base on existing host configuration, risk constraints, and budget constraints. We define metrics for deception, concealment, and resource consumption to measure the effectiveness of virtual network views. We conduct simulations to verify the effectiveness and feasibility of VN-SMT.
Loading