COLLUSIONGUARD: AN ADAPTIVE TRAP-SANDBOX DEFENSE SYSTEM FOR DETECTING AND MITIGATING COLLUSION ATTACKS DURING DDOS INCIDENTS

Abstract

CollusionGuard is a pioneering defense mechanism tailored to combat collusion attacks in Distributed Denial of Service (DDoS) scenarios. This system is designed to address cases where legitimate, permission-granted applications unintentionally share sensitive data with malicious counterparts, signaling potential collusion threats. Utilizing an adaptive framework, CollusionGuard dynamically alternates between honeypot traps and sandbox environments based on real-time threat assessments. Honeypot traps mimic vulnerable systems to deceive attackers and capture their behavior for forensic analysis, while sandbox environments isolate and monitor malicious activities, ensuring secure observation without compromising critical network infrastructure. The system continuously monitors application interactions to detect anomalies indicative of collusion attempts. Its adaptive approach ensures seamless switching between defense modes, providing robust protection against evolving collusion tactics. Rigorous testing through simulations and real-world scenarios validates the system's resilience and adaptability, positioning CollusionGuard as an effective solution for mitigating sophisticated DDoS collusion threats.