High Performance Low Latency Network Address and Port Hopping Mechanism Based on Netfilter

  • Conference paper
Recent Developments in Intelligent Systems and Interactive Applications (IISA 2016)

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 541)

Abstract

Network address and port hopping (NPAH) is an effective moving target defense tactic derived from frequency hopping in wireless communication, proposed for hiding hosts and services and for resisting attacks. In this paper, we propose a high-performance, low-latency network address and port hopping implementation mechanism using the netfilter framework inside the Linux kernel. We conducted experiments and tests to evaluate the performance of our method, and the results show that the proposed mechanism is efficient in implementing NPAH on the Linux platform.

Acknowledgements

This work is funded by Research Fund for the National Key Basic Research Program (973 Program) of China (2012CB315906) and NSF of China (61303264).

Author information

Corresponding author

Correspondence to Yue-Bin Luo.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Luo, YB., Wang, BS., Cai, GL., Wang, XF., Zhang, BF. (2017). High Performance Low Latency Network Address and Port Hopping Mechanism Based on Netfilter. In: Xhafa, F., Patnaik, S., Yu, Z. (eds) Recent Developments in Intelligent Systems and Interactive Applications. IISA 2016. Advances in Intelligent Systems and Computing, vol 541. Springer, Cham. https://doi.org/10.1007/978-3-319-49568-2_34

  • DOI: https://doi.org/10.1007/978-3-319-49568-2_34

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49567-5

  • Online ISBN: 978-3-319-49568-2

  • eBook Packages: Engineering, Engineering (R0)
