
A recent research paper suggests that network defenders change the online choice architecture to frustrate hackers.

In November, experts at the National Security Agency (NSA), Johns Hopkins University, and Fastly released new research entitled “Sludge for Good: Slowing and Imposing Costs on Cyber Attackers.”

The paper revolves around two main terms: nudges and sludge. According to the paper’s definition, “Nudges are an aspect intended to make ‘good’ outcomes easy, such as using password meters to encourage strong passwords.”

On the other hand, they describe the word “sludge” as:

“friction that raises the transaction cost and is often seen as a negative to users.”

The paper’s authors included the NSA’s Josiah Dykstra and Jamie Met, Fastly’s Kelly Shortridge, and Johns Hopkins Bloomberg School of Public Health’s Douglas Hough.

The authors’ main goal is to see and utilise sludge in a positive light. They propose applying the concept for the betterment of cybersecurity, as a strategy to piss off attackers by consuming their precious resources, such as time.

They noted that their aim is not to block an assault entirely but rather to create enough obstacles and frustrations along the path to waste the time of anyone attempting to damage the network.

“To date, most cyber defences have been designed to be optimally strong and effective and prohibit or eliminate attackers as quickly as possible,” the paper stated.

In practice, sludge may take the form of anything from login banners to honeypot machines and bogus databases – anything that would waste the time of a would-be attacker while lifting a network out of the low-hanging fruit category.

“Cybersecurity professionals often seek to minimise their recovery time, failure rates, and lead times. If adversaries behave likewise, sludge may be used to strategically maximise negative results.”

Dykstra, one of the authors, said that the sludge strategy is not about the number of hurdles and the amount of red tape. It is about knowing which measures are most effective at irritating attackers.

“The effectiveness of sludge, like many other approaches to cybersecurity, probably isn’t directly correlated to the number of measures used. Instead, impact is influenced by contextual details of the attack, attributes of the attacker(s), capabilities of the defenders, and features of the sludge. As we explain in the paper, a sludge strategy would be used in combination with other complementary system defences. For instance, system owners certainly need strong user authentication, not just honey credentials,” Dykstra said.

This, the researchers concluded, promotes the formation of sludge conditions, which, while unsuccessful on their own, can work well in conjunction with standard network security measures to thwart attacks.
