Moving-Target Defense Against Botnet Reconnaissance and an Adversarial Coupon-Collection Model

Daniel Fleck, Angelos Stavrou, George Kesidis, Neda Nasiriani, Yuquan Shan, Takis Konstantopoulos

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

We consider a cloud based multiserver system consisting of a set of replica application servers behind a set of proxy (indirection) servers which interact directly with clients over the Internet. We study a proactive moving-Target defense to thwart a DDoS attacker's reconnaissance phase and consequently reduce the attack's impact. The defense is effectively a moving-Target (motag) technique in which the proxies dynamically change. The system is evaluated using an AWS prototype of HTTP redirection and by numerical evaluations of an 'adversarial' coupon-collector mathematical model, the latter allowing larger-scale extrapolations.

Original languageEnglish (US)
Title of host publicationDSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781538657904
DOIs
StatePublished - Jan 23 2019
Event2018 IEEE Conference on Dependable and Secure Computing, DSC 2018 - Kaohsiung, Taiwan, Province of China
Duration: Dec 10 2018Dec 13 2018

Publication series

NameDSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing

Conference

Conference2018 IEEE Conference on Dependable and Secure Computing, DSC 2018
CountryTaiwan, Province of China
CityKaohsiung
Period12/10/1812/13/18

Fingerprint

Servers
HTTP
Extrapolation
Internet
Mathematical models
Botnet

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Software
  • Computer Networks and Communications

Cite this

Fleck, D., Stavrou, A., Kesidis, G., Nasiriani, N., Shan, Y., & Konstantopoulos, T. (2019). Moving-Target Defense Against Botnet Reconnaissance and an Adversarial Coupon-Collection Model. In DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing [8625162] (DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DESEC.2018.8625162
Fleck, Daniel ; Stavrou, Angelos ; Kesidis, George ; Nasiriani, Neda ; Shan, Yuquan ; Konstantopoulos, Takis. / Moving-Target Defense Against Botnet Reconnaissance and an Adversarial Coupon-Collection Model. DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing. Institute of Electrical and Electronics Engineers Inc., 2019. (DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing).
@inproceedings{49384fdbd20a4c2aa3f4430e2fcbeee6,
title = "Moving-Target Defense Against Botnet Reconnaissance and an Adversarial Coupon-Collection Model",
abstract = "We consider a cloud based multiserver system consisting of a set of replica application servers behind a set of proxy (indirection) servers which interact directly with clients over the Internet. We study a proactive moving-Target defense to thwart a DDoS attacker's reconnaissance phase and consequently reduce the attack's impact. The defense is effectively a moving-Target (motag) technique in which the proxies dynamically change. The system is evaluated using an AWS prototype of HTTP redirection and by numerical evaluations of an 'adversarial' coupon-collector mathematical model, the latter allowing larger-scale extrapolations.",
author = "Daniel Fleck and Angelos Stavrou and George Kesidis and Neda Nasiriani and Yuquan Shan and Takis Konstantopoulos",
year = "2019",
month = "1",
day = "23",
doi = "10.1109/DESEC.2018.8625162",
language = "English (US)",
series = "DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
booktitle = "DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing",
address = "United States",

}

Fleck, D, Stavrou, A, Kesidis, G, Nasiriani, N, Shan, Y & Konstantopoulos, T 2019, Moving-Target Defense Against Botnet Reconnaissance and an Adversarial Coupon-Collection Model. in DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing., 8625162, DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing, Institute of Electrical and Electronics Engineers Inc., 2018 IEEE Conference on Dependable and Secure Computing, DSC 2018, Kaohsiung, Taiwan, Province of China, 12/10/18. https://doi.org/10.1109/DESEC.2018.8625162

Moving-Target Defense Against Botnet Reconnaissance and an Adversarial Coupon-Collection Model. / Fleck, Daniel; Stavrou, Angelos; Kesidis, George; Nasiriani, Neda; Shan, Yuquan; Konstantopoulos, Takis.

DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing. Institute of Electrical and Electronics Engineers Inc., 2019. 8625162 (DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Moving-Target Defense Against Botnet Reconnaissance and an Adversarial Coupon-Collection Model

AU - Fleck, Daniel

AU - Stavrou, Angelos

AU - Kesidis, George

AU - Nasiriani, Neda

AU - Shan, Yuquan

AU - Konstantopoulos, Takis

PY - 2019/1/23

Y1 - 2019/1/23

N2 - We consider a cloud based multiserver system consisting of a set of replica application servers behind a set of proxy (indirection) servers which interact directly with clients over the Internet. We study a proactive moving-Target defense to thwart a DDoS attacker's reconnaissance phase and consequently reduce the attack's impact. The defense is effectively a moving-Target (motag) technique in which the proxies dynamically change. The system is evaluated using an AWS prototype of HTTP redirection and by numerical evaluations of an 'adversarial' coupon-collector mathematical model, the latter allowing larger-scale extrapolations.

AB - We consider a cloud based multiserver system consisting of a set of replica application servers behind a set of proxy (indirection) servers which interact directly with clients over the Internet. We study a proactive moving-Target defense to thwart a DDoS attacker's reconnaissance phase and consequently reduce the attack's impact. The defense is effectively a moving-Target (motag) technique in which the proxies dynamically change. The system is evaluated using an AWS prototype of HTTP redirection and by numerical evaluations of an 'adversarial' coupon-collector mathematical model, the latter allowing larger-scale extrapolations.

UR - http://www.scopus.com/inward/record.url?scp=85062484750&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85062484750&partnerID=8YFLogxK

U2 - 10.1109/DESEC.2018.8625162

DO - 10.1109/DESEC.2018.8625162

M3 - Conference contribution

AN - SCOPUS:85062484750

T3 - DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing

BT - DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Fleck D, Stavrou A, Kesidis G, Nasiriani N, Shan Y, Konstantopoulos T. Moving-Target Defense Against Botnet Reconnaissance and an Adversarial Coupon-Collection Model. In DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing. Institute of Electrical and Electronics Engineers Inc. 2019. 8625162. (DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing). https://doi.org/10.1109/DESEC.2018.8625162