1. Field of the Art
The technology described here generally relates to computer networking, and, more specifically, to network intrusion diversion using software defined networking (SDN).
2. Description of the Related Art
Businesses, governments, and other organizations have seen their computer networks expand to enable internal communication among employees' computers as well as with customers/clients, vendors and suppliers, the general public, and others outside the organizations through the Internet. Computer networks have become more difficult to protect as they have grown in size and complexity.
Network application server hosts often find themselves targets for attackers trying to steal information, disable services, and/or use the exposed services as a beachhead for further intrusion and infiltration. Conventional protection mechanisms include anti-distributed denial of service (DDoS) attack schemes (by prevention of data flood overflows), inline anti-virus (AV) scanning (i.e., signature-based malware matching), and sophisticated multi-factor authentication. When the tracks of a hacker are spotted, the account that the hacker is using is summarily locked out.
While the focus of these measures is to stop the attacker from intruding, there is little consideration for observing an attacker's subsequent activities and motives once he or she gains a foothold on the server host. The hacker knows when he or she is found out because he or she is locked out. He or she may be able to correlate the lockout with the behavior that led to it because the two are closely related in time. Further, the hacker can immediately try a different account or back door and avoid the behaviors that led to discovery. Thus, hackers learn how to avoid detection better with each break-in, often with impunity.
There is a need in the art for more efficient protections against hackers of computer systems.