(also Diversionary routing)
Deflection routing definition
In terms of cybersecurity, deflection routing is a technique that redirects malicious network traffic from its intended target to another, usually safe and controlled environment. This function facilitates protecting targeted networks or systems from various cyberattacks by diverting upcoming threats to a honeypot. In the honeypot, or in other words, a controlled environment, the attack is thoroughly analyzed and isolated from the primary target. Deflection routing techniques are widely employed by various organizations for network cybersecurity enhancement purposes.
See also: anti-malware
Deflection routing applications
- Honeypots: Honeypots are decoy mechanisms deployed by deflection routing. These honeypots trap potential attackers. Once the attackers are in honeypots, security professionals can study the attack tactics and techniques used to better understand possible threats.
- DDoS mitigation: In a distributed denial of service attacks, deflection routing can reroute excessive traffic from the direction of targeted DDoS protection services or scrubbing centers. These centers are responsible for malicious traffic, can filter it out, and deliver legitimate traffic to the primary destination.
- Email security: Deflection routing techniques are applicable in email security. It can redirect suspicious emails, links, and attachments to a sandbox for further analysis before delivering them to the intended users.
- Web application security: Deflection routing can be employed in redirecting malicious HTTP requests to a sandbox for further checkup and simultaneously protecting the actual web application. That way, web applications are protected from possible threats.