Date of Award

Summer 8-1-2021

Degree Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

School

Computing Sciences and Computer Engineering

Committee Chair

Dr. Andrew H. Sung

Committee Chair School

Computing Sciences and Computer Engineering

Committee Member 2

Dr. Dia Ali

Committee Member 2 School

Computing Sciences and Computer Engineering

Committee Member 3

Dr. Ramakalavathi Marapareddy

Committee Member 3 School

Computing Sciences and Computer Engineering

Committee Member 4

Dr. Ras B. Pandey

Committee Member 4 School

Mathematics and Natural Sciences

Committee Member 5

Dr. Sungwook Lee

Committee Member 5 School

Mathematics and Natural Sciences

Abstract

Moving Target Defense (MTD) is a technique that disrupts specific phases of a cyber-attack. The static nature of existing networks gives adversaries ample time to gather enough information about the target to mount a successful attack. Random host address mutation is a well-known MTD technique that hides a host's actual IP address from external scanners. However, when a host is in the middle of a session, transmitting or receiving data, a mutation that fires on the fixed interval interrupts that session and makes the host unavailable. Changing the network configuration also creates overhead on the controller and additional switching cost, resulting in latency, poor performance, packet loss, and jitter.

In this dissertation, we propose a novel discrete MTD technique for software-defined networking (SDN) that individualizes the mutation interval for each host. Each host's IP address is changed at a different interval, both to avoid terminating existing sessions and to make the mutation schedule harder for an attacker to infer. We use the per-host flow statistics collected by the SDN controller to determine whether a host is currently in a session, transmitting or receiving data, and defer the mutation while it is. Individualizing the mutation interval strengthens the defender's game strategy, since the attacker can no longer determine a single pattern of mutation intervals. Because host addresses are mutated using a pool of virtual (temporary) addresses, a subnet game strategy is also introduced to make the network topology harder to determine. A benchmarking framework is developed to measure the performance, scalability, and reliability of the MTD network against a traditional network. The analysis shows that the discrete MTD network outperforms the random MTD network in all tests.
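The following Python block is an added illustration of the mechanism the abstract describes (flow-statistics-gated, per-host mutation of virtual addresses); it is not the dissertation's own implementation. It assumes that the controller polls per-host byte and packet counters at a fixed period, that a host counts as "in session" when its counters advanced since the previous poll, that each host's interval is drawn independently from a bounded random range, and that the virtual address pool is a single subnet. The host addresses, pool CIDR, interval range and traffic pattern are all constructed for the example.

```python
import ipaddress
import random
from dataclasses import dataclass, field


@dataclass
class HostState:
    real_ip: str
    virtual_ip: str
    interval: float                 # this host's current mutation interval (seconds)
    next_due: float                 # earliest time a mutation is permitted
    last_counters: tuple = (0, 0)   # (bytes, packets) seen at the previous poll
    history: list = field(default_factory=list)  # (time, old_vip, new_vip, interval)


class DiscreteMutator:
    """Per-host address mutation gated on flow statistics (illustrative, assumed design).

    Each host gets its own randomly drawn interval. When the interval has elapsed,
    the host's virtual IP is swapped only if its counters did not move since the
    last poll, i.e. it is not in the middle of sending or receiving.
    """

    def __init__(self, real_ips, pool_cidr, interval_range, rng=None):
        self.rng = rng or random.Random(0)
        self.lo, self.hi = interval_range
        # Pool of virtual (temporary) addresses the hosts are hidden behind.
        self.free = [str(ip) for ip in ipaddress.ip_network(pool_cidr).hosts()]
        if len(self.free) <= len(real_ips):
            raise ValueError("pool must hold more addresses than hosts to allow rotation")
        self.rng.shuffle(self.free)
        self.hosts = {}
        self.vmap = {}  # virtual -> real; what the switch rewrite rules would encode
        for real in real_ips:
            vip = self.free.pop()
            iv = self._draw_interval()
            self.hosts[real] = HostState(real, vip, iv, next_due=iv)
            self.vmap[vip] = real

    def _draw_interval(self):
        # Independent draw per host and per rotation, so no two hosts share a schedule.
        return self.rng.uniform(self.lo, self.hi)

    def resolve(self, virtual_ip):
        """Translate a virtual address back to the real host (None if unassigned)."""
        return self.vmap.get(virtual_ip)

    def tick(self, now, stats):
        """One controller poll. `stats` maps real IP -> (bytes, packets) counters.
        Returns the real IPs whose virtual address was rotated in this tick."""
        mutated = []
        for real, host in self.hosts.items():
            counters = stats.get(real, host.last_counters)
            in_session = counters != host.last_counters
            host.last_counters = counters
            if now < host.next_due or in_session:
                # Not due yet, or an active session would be cut: retry at the next poll.
                continue
            self._rotate(host, now)
            mutated.append(real)
        return mutated

    def _rotate(self, host, now):
        old, new = host.virtual_ip, self.free.pop()
        del self.vmap[old]
        self.vmap[new] = host.real_ip
        host.virtual_ip = new
        host.interval = self._draw_interval()
        host.next_due = now + host.interval
        host.history.append((now, old, new, host.interval))
        self.free.insert(0, old)  # recycle to the back of the pool so it is not reused soon


def simulate(duration=60, poll_period=1, seed=1):
    """Constructed traffic pattern (not measured data): host .11 streams for the
    first 30 s, host .12 bursts between 20 s and 25 s, host .13 stays idle."""
    m = DiscreteMutator(["10.0.0.11", "10.0.0.12", "10.0.0.13"],
                        "192.168.100.0/28", (5.0, 15.0), random.Random(seed))
    counters = {real: [0, 0] for real in m.hosts}
    events = []
    for t in range(0, duration + 1, poll_period):
        if t < 30:
            counters["10.0.0.11"][0] += 1500
            counters["10.0.0.11"][1] += 1
        if 20 <= t < 25:
            counters["10.0.0.12"][0] += 64
            counters["10.0.0.12"][1] += 1
        stats = {real: tuple(c) for real, c in counters.items()}
        for real in m.tick(float(t), stats):
            events.append((t, real))
    return m, events


if __name__ == "__main__":
    mutator, events = simulate()
    for t, real in events:
        print(f"t={t:3d}s rotated {real} -> {mutator.hosts[real].virtual_ip}")
```

In the simulated run the streaming host is never rotated before its transfer ends at 30 s, while the idle host rotates every 5 to 15 s on its own schedule; the same gating logic would sit in the controller loop that issues flow-statistics requests and installs the address-rewrite rules.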
