• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Engineering Technology and Applied Science Research >Towards Enhancing the Endpoint Security using Moving Target Defense (Shuffle-based Approach) in Software Defined Networking
【24h】

Towards Enhancing the Endpoint Security using Moving Target Defense (Shuffle-based Approach) in Software Defined Networking

机译:在软件定义的网络中使用移动目标防御(基于Shuffle的方法)来提高端点安全性

获取原文
       
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Static IP addresses make the network vulnerable to different attacks and once the machines are compromised, any sensitive information within the network can be spoofed. Moving Target Defense (MTD) provides an efficient mechanism for proactive security by constantly changing different system attributes. Software Defined Networks (SDNs) provide greater flexibility in designing security solutions due to their centralized management and programming capabilities. In this paper, a mechanism for the protection of endpoint security is developed using IP address host shuffling. In the proposed approach, the real IP address of the host is masked and a virtual IP address is assigned. The virtual IPs are mined from the pool of unassigned IP addresses. The address pool is created using a pseudo-random number generator to guarantee high randomness. This approach helps in invalidating the intelligence gathered by the adversaries through the changes in the network configuration that will disturb attack execution, eventually leading to attack failure. Transparency is attained via preserving the actual IP intact and mapping a virtual IP to it. The proposed solution is implemented using the RYU Controller and Mininet. The efficient results obtained from the experiments substantiate the effectiveness of the MTD approach for enhancing endpoint security.
机译:静态IP地址使网络容易受到不同的攻击,并且一旦机器受到损害,网络内的任何敏感信息都可以欺骗。移动目标防御(MTD)通过不断更改不同的系统属性,提供了一个有效的主动安全机制。由于集中管理和编程功能,软件定义的网络(SDNS)在设计安全解决方案方面提供了更大的灵活性。在本文中,使用IP地址主机洗机开发了一种保护端点安全性的机制。在所提出的方法中,屏蔽主机的实际IP地址并分配虚拟IP地址。虚拟IPS从未分配的IP地址池中挖掘。使用伪随机数生成器创建地址池以保证高随机性。这种方法有助于使对手收集的智能无效,通过网络配置的变化会干扰攻击执行,最终导致攻击失败。通过保留实际的IP完好并将虚拟IP映射到它来实现透明度。所提出的解决方案是使用Ryu控制器和Mininet实现的。从实验中获得的有效结果证实了MTD方法提高终点安全性的有效性。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号