http://www.washingtonpost.com/wp-dyn/content/article/2005/07/03/AR2005070300888.html
By Dawn S. Onley
Special to The Washington Post
July 4, 2005
Two of the Pentagon's leading technologists propose defending the
military's Global Information Grid by using decoy networks and "honey
pots" to fool hackers.
The goal is to lure intruders into these areas and away from
operational networks.
"No other enterprise in the world has responsibility for a
communications network quite like the GIG," Army Col. Carl W. Hunt,
technology director for the Joint Task Force for Global Network
Operations, said at the Army Small Computer Program conference in Las
Vegas last month. The Defense Department is developing the Global
Information Grid as the next-generation information technology
architecture to be used by the military and intelligence agencies.
Hunt and Doug Gardner, director of the applied technology unit of the
joint task force, wrote a recent paper outlining ways to keep
malicious intruders from penetrating the GIG. The paper was presented
at the Institute of Electrical and Electronics Engineers Workshop on
Information Assurance last month at the U.S. Military Academy in West
Point, N.Y.
The diversion strategy, called Net Force Maneuver, would lead hackers
"to systems where we are prepared to receive them," Hunt and Gardner
wrote. It's a technique that technology experts outside the Pentagon
have called a honey pot.
"These systems will collect information on methodologies, techniques
and tools while providing a realistic 'playground' for the intruder,"
Hunt and Gardner wrote. "This playground will be devoid of real system
information but will keep the intruder occupied. The goal here then is
to ensure the intruder does not know which systems are real and which
ones aren't."
Ross Stapleton-Gray, senior research analyst at Skaion Corp., a
computer security company in North Chelmsford, Mass., said the idea
has merit, but it wouldn't necessarily be easy for the Defense
Department to achieve.
Phantom Defense Department networks "would be an interesting
challenge: They'd need to behave sufficiently realistically as to
convince prospective attackers that they were authentic, yet not
reveal too much about the real networks," he said.
Stapleton-Gray said he could imagine the Defense Department running a
continuous simulation of parts of networks "in parallel with the real
ones. When outsiders show up and start probing around the fake
networks, you can track all their activities, even feed them
information on fictional vulnerabilities, and see what they do."
Hunt and Gardner warned Defense officials that Net Force Maneuver is
no silver bullet. They said it would need to be combined with other
protective measures that are now being developed.
-=-
Dawn S. Onley is a senior writer for Government Computer News. For
more on this and other topics concerning technology in government, go
tohttp://www.gcn.com.
_________________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 -
2,000+ international security experts,
10 tracks, no vendor pitches.
www.blackhat.com
