Network Threat Deception
Provide malicious actors with deceptive information that materially increases the costs of malicious network activities
Malicious attacks on subscribers and network resources are increasing in size, frequency, and complexity each day, rendering existing systems ineffective to handle modern day exploitations. Network threat deception tactics add another layer of security to the network by providing misinformation at each level of a potential intrusion: network, endpoint, application, and data thereby misleading the attacker into believing their efforts have been successful.
A feature of Sandvine’s Network Security Product, Sandvine QuickSand monitors active IP space to identify dynamic darkspace and uses “decoy and deception” techniques to provide malicious actors with deceptive information that materially increases the costs of malicious network activities to the attack, making network attacks less economically feasible. Network attacks are slowed and effectively neutralized using multiple techniques:
- Network Scale Tarpitting: Slows down the propagation of attacks, and malicious activity by acknowledging requests made by malicious actors with information that falsely suggests progress while the attack is actually being mitigated
- Dynamic Vulnerability Masking: Identifies subscribers and servers that are running vulnerable software versions, and leverages Sandvine’s SandScript capabilities to dynamically lead the potential attacker to believe that the secure version of the software is running instead, thereby preventing the attack before it starts.
Cyber Security: Considerations and Techniques
This paper describes the wide variety of solutions that CSPs and enterprise Internet security professionals are juggling today, and explains the many advantages of using network policy control to deliver secure pipes to residential subscribers and business customers.