The Community for Technology Leaders
2012 IEEE Fifth International Conference on Cloud Computing (2012)
Honolulu, HI, USA USA
June 24, 2012 to June 29, 2012
ISSN: 2159-6182
ISBN: 978-1-4673-2892-0
pp: 487-493
Malware and computer forensic researchers often communicate with malicious servers, either directly or indirectly, through the web browser or other ports utilized by malicious software. Communication with this form of adversary can sometimes necessitate the use of a proxy server in order to conceal the true origin of the researcher's traffic. Open source projects such as OpenVPN currently offer a structured method for establishing software based virtual private networks (VPNs) between arbitrary clients and servers. Likewise, paradigms exist which allow a user to proxy traffic from one end of a VPN to another, effectively masking the origin of traffic being sent to and from the client system. In this paper, we present MANTICORE -- a system that  combines ideas from VPN with the instancing functionality of a cloud computing system in order to dynamically mask and reassign the apparent IP address of a researcher's system. We also present experimental evaluation of our system on Amazon's Elastic Compute Cloud (EC2).
Servers, Virtual private networks, IP networks, Switches, Browsers, Routing, Security, forensics, cloud computing, security

P. Butler, A. Rhodes and R. Hasan, "MANTICORE: Masking All Network Traffic via IP Concealment with OpenVPN Relaying to EC2," 2012 IEEE Fifth International Conference on Cloud Computing(CLOUD), Honolulu, HI, USA USA, 2012, pp. 487-493.
182 ms
(Ver 3.3 (11022016))