14 Days of Vacation: A Rogue Switch Detection Technique
Dr. Vijay Bhuse, firstname.lastname@example.org
Networks are growing both in size and complexity. As this complexity increases it has become harder to detect a compromised node.
In this presentation, we demonstrate an application of a business solution for detecting malicious actors. Our solution is based on an enforcement of 14 days of vacation per year. This is done in banking as a best practice to detect employees committing fraud or otherwise engaging in a malicious behavior.
We regularly swap nodes in the network with known good units and then compare observed behavior of the suspect node, to the behavior of the known good node. By doing this, we can detect many forms of malicious behavior indicating a compromised node.
Prins, Kyle, "14 Days of Vacation: A Rogue Switch Detection Technique" (2017). Technical Library. 293.