Decoys Suggested for Pentagon Network
Monday, July 4, 2005
Two of the Pentagon's leading technologists propose defending the military's Global Information Grid by using decoy networks and "honey pots" to fool hackers.
The goal is to lure intruders into these areas and away from operational networks.
"No other enterprise in the world has responsibility for a communications network quite like the GIG," Army Col. Carl W. Hunt, technology director for the Joint Task Force for Global Network Operations, said at the Army Small Computer Program conference in Las Vegas last month. The Defense Department is developing the Global Information Grid as the next-generation information technology architecture to be used by the military and intelligence agencies.
Hunt and Doug Gardner, director of the applied technology unit of the joint task force, wrote a recent paper outlining ways to keep malicious intruders from penetrating the GIG. The paper was presented at the Institute of Electrical and Electronics Engineers Workshop on Information Assurance last month at the U.S. Military Academy in West Point, N.Y.
The diversion strategy, called Net Force Maneuver, would lead hackers "to systems where we are prepared to receive them," Hunt and Gardner wrote. It's a technique that technology experts outside the Pentagon have called a honey pot.
"These systems will collect information on methodologies, techniques and tools while providing a realistic 'playground' for the intruder," Hunt and Gardner wrote. "This playground will be devoid of real system information but will keep the intruder occupied. The goal here then is to ensure the intruder does not know which systems are real and which ones aren't."
Ross Stapleton-Gray, senior research analyst at Skaion Corp., a computer security company in North Chelmsford, Mass., said the idea has merit, but it wouldn't necessarily be easy for the Defense Department to achieve.
Phantom Defense Department networks "would be an interesting challenge: They'd need to behave sufficiently realistically as to convince prospective attackers that they were authentic, yet not reveal too much about the real networks," he said.
Stapleton-Gray said he could imagine the Defense Department running a continuous simulation of parts of networks "in parallel with the real ones. When outsiders show up and start probing around the fake networks, you can track all their activities, even feed them information on fictional vulnerabilities, and see what they do."
Hunt and Gardner warned Defense officials that Net Force Maneuver is no silver bullet. They said it would need to be combined with other protective measures that are now being developed.
Dawn S. Onley is a senior writer for Government Computer News. For more on this and other topics concerning technology in government, go tohttp:/