Monday, June 1, 2015


The Network Obfuscation and Virtualized Anti-Reconnaissance (Nova) system is an open-source software tool developed to detect network based reconnaissance efforts, to deny the attacker access to real network data while providing false information regarding the number and types of systems connected to the network.

In any intrusion, the attacker must first perform reconnaissance to learn all about a network by discovering information such as how many systems are online, what operating systems are installed on them, what services are running on those machines, and what ports may be open. Each piece of information gained is one step closer to a successful attack.

Nova prevents and detects this snooping by setting up a large net of realistic virtualized decoys. Trying to find the real machines then becomes like trying to find a needle in a haystack. Meanwhile, Nova identifies the attackers by their inevitable suspicious activity in communicating with decoys. It provides the network administrators a Situation Awareness view of their network.

No comments:

Post a Comment