کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
4955503 1444218 2017 39 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
Invi-server: Reducing the attack surfaces by making protected server invisible on networks
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر شبکه های کامپیوتری و ارتباطات
پیش نمایش صفحه اول مقاله
Invi-server: Reducing the attack surfaces by making protected server invisible on networks
چکیده انگلیسی
The advantage of having remote access motivates network administrators to connect mission-critical servers (e.g., enterprise management systems) as well as public web servers via the Internet, even though connecting these mission-critical servers to the Internet is not recommended. These mission-critical or public servers are accessible from any host on the Internet, allowing cyber attackers to engage the targeted server as part of a process to discover potential exploits and unpatched vulnerabilities. Although it would be difficult to eradicate all the potential vulnerabilities in advance, accessibility to a server can be controlled to limit or minimize the chance of exposing a vulnerable surface. We aimed to address the accessibility issue by designing and prototyping an Invi-server system, in which the IP and MAC addresses of the protected secret server remain invisible from external scanning and eavesdropping trials and even from compromised internal hosts on the network. This Invi-server system can be used as a way to reduce the attack surface of a protected server while allowing authorized users to send and receive packets via the protected server. We also implemented a prototype of the Invi-server system to demonstrate that our proposed system has the ability to reduce the attack surfaces significantly without increasing network performance overhead to any significant extent.
ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Computers & Security - Volume 67, June 2017, Pages 89-106
نویسندگان
, , , ,