Hidema Tanaka
National Defense Academy of Japan
Hashirimizu 1-10-20 Yokosuka, Kanagawa Japan 239-8686
ABSTRACT
In general, network attack should be prohibited and information security technology should contribute to improve the trust of network communication. Almost network communication is based on IP packet that is standardized by the international organization. So, network attack does not work without following the standardized protocols and data format. Therefore, network attack also leaks information concerning adversaries by their IP packets. In this paper, we propose an effective choice for network attack scenario which counter-attacks adversary. We collect and analyze IP packets from the adversary, and derive network topology map of the adversary. The characteristics of topology map can be evaluated by the Eigen value of topology matrix. We observe the changes of characteristics of topology map by the influence of attack scenario. Then we can choose the most effective or suitable network counter-attack strategy. In this paper, we assume two kinds of attack scenarios and three types of tactics. And we show an example choice of attack using actual data of adversary which were observed by our dark-net monitoring.
KEYWORDS
Network attack, Dark-net Monitoring, Topology map, Adjacency matrix, Laplacian matrix, Total accessibility matrix
No comments:
Post a Comment