Moving Target IPv6 Defense (MT6D) imparts radio-frequency hopping behavior to IPv6 networks by having participating nodes periodically hop onto new addresses while giving up old addresses. Our previous research efforts implemented a solution to identify and acquire the old addresses that MT6D hosts on a local network discard, and to monitor and visualize the incoming traffic on these addresses. This was essentially equivalent to forming a darknet out of the discarded MT6D addresses, but the solution presented in the previous research effort did not include the database integration it needs to scale and be extended. This paper presents a solution with a new architecture that not only extends the previous solution in terms of automation and database integration but also demonstrates the ability to deploy a honeypot on a virtual LXC (Linux Container) on demand, based on any interesting traffic pattern observed on a discarded address. The proposed architecture also allows an MT6D host to query the solution database for network activity on its relinquished addresses and receive the result as a JavaScript Object Notation (JSON) object. This allows an MT6D host to identify suspicious activity on its discarded addresses and strengthen the MT6D scheme parameters accordingly. We have built a proof-of-concept for the proposed solution and analyzed the solution’s feasibility and scalability.
The immense address space available with the new 128-bit addressing scheme enables mechanisms like Moving Target Defense for IPv6 networks. Moving Target IPv6 Defense (MT6D) promises security by letting nodes hop to new addresses that are cryptographically computed between the involved nodes without disrupting ongoing conversations. After implementing MT6D as a testbed for a previous research project, we asked ourselves whether it is worth looking at the old addresses that MT6D nodes give up and purge in the process. We explored whether activity on these relinquished addresses holds any vital clues for verifying and reinforcing the security of MT6D networks. During the analysis, we realized the need for a method to ensure the resiliency of the scheme as well as to uncover any attacks that are underway. In this paper, we discuss a novel solution that comprises learning the addresses that are being relinquished by the MT6D nodes, acquiring these addresses, performing traffic enumeration on them, and visualizing the results. With this solution in place, we can become cognizant of a trailing attacker following an MT6D node along its address changes, and uncover any suspicious traffic hitting the MT6D nodes.