Invi-server

Abstract

Computer servers such as web, database, and other internal servers are prime targets for cyber attacks. Such servers are accessible from any host on the Internet, allowing cyber attackers to engage the targeted server as part of discovery process of potential exploits and unpatched vulnerabilities. Although it would be difficult to eradicate all the potential vulnerabilities in advance, the accessibility to the server can be controlled to minimize the chance of exposing a vulnerable surface. Toward this end, we designed and prototyped Invi-server, where the protected secret server`s IP and MAC address are made invisible from any local host or router on the network. This Invi-server can be used as a way to reduce the attack surface of a protected server, while allowing the authorized users to send and receive packets to/from the protected server. We also prototyped of Invi-server to demonstrate that our proposed system can significantly reduce the attack surfaces with low network performance overhead (upto 7\%) in our Apache web server with OpenSSL prototype implementation.