Publications Details
Best Paper Award: Gathering Threat Intelligence Through Computer Network Deception
Presented at the 2016 IEEE International Symposium on Technologies for Homeland Security (HST), this LDRD-funded research received a Best Paper award, the highest award presented at the conference. The research focused on developing, implementing, and testing a novel computer network operations architecture that enables proactive defense by managing and monitoring enterprise resource allocations and network flows. The architecture leverages three emerging concepts: software-defined networks, cloud computing, and deception, to enable the detection and identification of anomalous access and intrusions to adjust to the dynamic nature of the adversary and to provide a mechanism to discover and react to the adversary’s attacks in a methodical and proactive manner. Additionally, the work allows network defenders to gather information on an adversary’s tools, tactics and procedures, providing insight into the “what, why, and how” of the adversary’s operations. A summary of the work presented at IEEE can be found at http://tiny.sandia.gov/8d8lu.