
Network Moving Target Defense Technique Based on Self-Adaptive End-Point Hopping

  • Research Article - Computer Engineering and Computer Science
  • Published in: Arabian Journal for Science and Engineering

Abstract

Moving target defense is a revolutionary technology that changes the antagonistic pattern between attack and defense, and end-point information hopping is one of the hot spots in this field. To balance the defensive benefit of end-point information hopping against the service quality of the network system, a novel technique named self-adaptive end-point hopping based on adversary strategy awareness is proposed. To solve the blindness problem of the hopping mechanism during defense, hopping triggering based on adversary strategy awareness is applied to guide the choice of hopping mode by discriminating the scanning attack strategy, which enhances targeted defense. Furthermore, to address the low availability caused by limited network resources and high hopping overhead, satisfiability modulo theories (SMT) are used to formally describe hopping constraints, so as to ensure low hopping overhead. Finally, both theoretical and experimental analyses are performed, demonstrating that the proposed technique ensures low hopping overhead while effectively discriminating and defending against different types of scanning attacks.
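The two ideas the abstract combines, discriminating the adversary's scanning strategy to pick a hopping mode, and choosing the next end-point under formally stated constraints so that hopping overhead stays low, can be sketched on a small finite domain. The following Python is an added illustration written for this page, not code from the paper or its authors. It assumes a constructed probe log, a constructed address/port pool (RFC 5737 documentation addresses), a simple "consecutive addresses" rule for telling a sequential sweep from a random scan, and a toy overhead model (address change costs 2, port change costs 1). The paper expresses the hopping constraints as SMT formulas; here the same kind of constraints are written as Python predicates and solved by exhaustive search, which is equivalent only because the pool is tiny.

```python
"""Toy self-adaptive end-point hopping controller (added example, not the paper's code).

Every threshold, cost and sample value below is an assumption made for this
illustration; the paper's actual hopping constraints and SMT encoding are not
reproduced here.
"""
from ipaddress import IPv4Address
from itertools import product

# Constructed sample probe log: (attacker_ip, probed_dst_ip, probed_dst_port).
SEQUENTIAL_PROBES = [("203.0.113.9", f"192.0.2.{i}", 22) for i in range(10, 26)]
RANDOM_PROBES = [("203.0.113.9", f"192.0.2.{i}", 22) for i in
                 (201, 17, 88, 3, 140, 62, 250, 33, 119, 9, 174, 47, 215, 5, 99, 161)]

# Constructed hopping domain (assumed): addresses and ports the defender may use.
POOL_ADDRS = [f"192.0.2.{i}" for i in range(1, 41)]
POOL_PORTS = [22, 2222, 8022]
IN_USE = {("192.0.2.5", 22)}      # end-points already held by other hosts
RECENT = [("192.0.2.1", 22)]      # the protected service's previous end-points


def classify_scan(probes, seq_fraction=0.8):
    """Discriminate the scanning strategy from observed probes.

    Returns 'sequential' when at least seq_fraction (assumed threshold) of the
    successive probes step by exactly one address, otherwise 'random'.
    """
    if len(probes) < 2:
        return "unknown"
    addrs = [int(IPv4Address(dst)) for _, dst, _ in probes]
    steps = [abs(b - a) for a, b in zip(addrs, addrs[1:])]
    consecutive = sum(1 for s in steps if s == 1)
    return "sequential" if consecutive / len(steps) >= seq_fraction else "random"


def choose_hop_mode(strategy):
    """Assumed policy: a sequential sweep is answered by moving the address;
    a random scan moves both address and port so both dimensions change."""
    return {"sequential": "address", "random": "address+port"}.get(strategy, "none")


def scanned_region(probes, strategy, lookahead=8):
    """Addresses the next hop should avoid. For a sequential sweep the next
    `lookahead` addresses past the highest probed one are treated as about to
    be scanned (assumed margin); for a random scan only probed addresses count."""
    probed = sorted({int(IPv4Address(dst)) for _, dst, _ in probes})
    if strategy == "sequential":
        probed = range(probed[0], probed[-1] + lookahead + 1)
    return {str(IPv4Address(a)) for a in probed}


def select_hop(current, mode, pool_addrs, pool_ports, in_use, recent, avoid, k_recent=3):
    """Pick the lowest-cost (addr, port) that satisfies every hopping constraint.

    Constraints, written as predicates in place of SMT formulas (assumed set):
      C1  the address changes; in 'address+port' mode the port changes too
      C2  the target end-point is not in use by another host
      C3  the target end-point was not used in the last k_recent hops
      C4  the target address is not in the region the scanner has covered
    Returns None when no candidate satisfies all constraints.
    """
    cur_addr, cur_port = current
    recent_set = set(recent[-k_recent:])
    best = None
    for addr, port in product(pool_addrs, pool_ports):
        moved_addr, moved_port = addr != cur_addr, port != cur_port
        if not moved_addr:                                   # C1 (address)
            continue
        if mode == "address+port" and not moved_port:        # C1 (port)
            continue
        if (addr, port) in in_use or (addr, port) in recent_set or addr in avoid:
            continue                                         # C2, C3, C4
        cost = 2 * int(moved_addr) + int(moved_port)         # assumed overhead model
        key = (cost, int(IPv4Address(addr)), port)           # deterministic tie-break
        if best is None or key < best[0]:
            best = (key, (addr, port))
    return None if best is None else best[1]


def plan_hop(probes, current, pool_addrs=POOL_ADDRS, pool_ports=POOL_PORTS,
             in_use=IN_USE, recent=RECENT):
    """Full cycle: discriminate the scan, choose the mode, solve for the hop."""
    strategy = classify_scan(probes)
    mode = choose_hop_mode(strategy)
    target = None
    if mode != "none":
        target = select_hop(current, mode, pool_addrs, pool_ports, in_use, recent,
                            scanned_region(probes, strategy))
    return {"strategy": strategy, "mode": mode, "target": target}


if __name__ == "__main__":
    for name, probes in (("sequential", SEQUENTIAL_PROBES), ("random", RANDOM_PROBES)):
        print(name, "->", plan_hop(probes, ("192.0.2.30", 22)))
```

With the constructed data, the sequential sweep over 192.0.2.10-25 makes the controller hop the address only, to the cheapest end-point outside the sweep and its look-ahead margin, while the random scan triggers an address-and-port hop. The exhaustive search stands in for the SMT solver; on a realistic pool the constraint set would be handed to a solver, and C3 and C4 are where a defender would plug in the observed scan history.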



Author information

Corresponding author: Cheng Lei.


About this article


Cite this article

Lei, C., Zhang, Hq., Ma, Dh. et al. Network Moving Target Defense Technique Based on Self-Adaptive End-Point Hopping. Arab J Sci Eng 42, 3249–3262 (2017). https://doi.org/10.1007/s13369-017-2430-5


  • DOI: https://doi.org/10.1007/s13369-017-2430-5
