Moving Target Defense Discrete Host Address Mutation and Analysis in SDN
Document Type
Conference Proceeding
Publication Date
12-1-2020
School
Computing Sciences and Computer Engineering
Abstract
Moving Target Defense (MTD) is a technique focused on disrupting certain phases of a cyber-attack. Reconnaissance is the preliminary phase of the attack in the cyber kill chain. The static nature of existing networks gives adversaries adequate time to gather enough data about the target and succeed in mounting an attack. Randomization of host addresses is a well-known MTD technique that hides the actual network configuration from external scanners. Although random host mutation techniques have been investigated extensively, limitations such as the low availability of unused public address space for mutation and host unavailability due to the mutation time interval deteriorate the network's stability. Due to address space unavailability, mutating each host's address according to the time interval is not feasible, or the address space is repeated multiple times. When a host establishes a session to transmit or receive data, the session is interrupted by the mutation interval, leading to the host's unavailability. In this paper, we propose a moving target defense technique to achieve the following objectives: (1) using a mutation technique, randomization of IP addresses is achieved to create high uncertainty in adversary scanning; (2) the mutation time interval is separated from each host to preserve network performance and stability; (3) the mutation scheme is adapted by analyzing the data stats from the individual host; and (4) the analyzed data stats are used to manage the available unused address space.
Publication Title
Proceedings - 2020 International Conference on Computational Science and Computational Intelligence, CSCI 2020
First Page
55
Last Page
61
Recommended Citation
Gudla, C., Sung, A. (2020). Moving Target Defense Discrete Host Address Mutation and Analysis in SDN. Proceedings - 2020 International Conference on Computational Science and Computational Intelligence, CSCI 2020, 55-61.
Available at: https://aquila.usm.edu/fac_pubs/19301