An efficient deception architecture for cloud-based virtual networks

TL;DR

This paper introduces a high-throughput architecture for misery digraphs to enhance deception in cloud networks, demonstrating its effectiveness in Amazon Web Services with minimal performance impact.

Contribution

It presents an implementation and performance analysis of a scalable misery digraph architecture for deception in cloud-based virtual networks.

Findings

Modest delays in request processing in AWS.

Significant delays in stealth intrusions.

Effective deception with minimal performance overhead.

Abstract

Emerging deceptive systems present a new promise for the uprising security problems in cloud-based virtual networks, especially those operated by small and medium enterprises. The main goal of deceptive systems is to form a layer of defensive nodes in an Internet-accessible cloud-based virtual network to distract and deceive malicious clients. While numerous approaches provide distinct models for developing decisive systems, misery digraphs present a promising decisive model for distracting powerful remote intrusions. Misery digraphs can delay access to targets deep in a cloud-based virtual network. A central challenge to the theory of misery digraphs is verifying their applicability in prominent cloud computing platforms as well as measuring the efficiency of networks that adapt them. Thus, architectural support is needed that can be realized with long-term support technologies and can be deployed for large networks. This work presents and analyzes a high-throughput architecture for misery digraphs, embarking on implementation details and performance analysis. Full implementation of the architecture in Amazon Web Services imposes modest performance delays in the request processing, while highly delaying stealth intrusions in the network.