NetShifter: A Comprehensive Multi-Dimensional Network Obfuscation and Deception Solution

  • Gahng-Seop AhnEmail author
  • Kyung Joon Kwak
  • Alexey Bogaevskiy
  • Jason Li
  • Gregory Briskin
  • Robert Vaeth


Adaptive defense is a cyber defense strategy in which a set of system configurations are dynamically changed to increase uncertainty and complexity for adversaries that try to discover and exploit vulnerabilities. To improve cyber agility of networks, the NetShifter performs multi-dimensional network-level adaptive defense in full scale beyond physical constraints of the networks by adopting the software-defined network (SDN).


Adaptive network defense Software defined network Network obfuscation 


  1. 1.
    Qi Duan, et al, “Efficient Random Route Mutation Considering Flow and Network Constraints”, In proceedings of Hot Topics in Software Defined Networking (HotSDN 12), 2012.Google Scholar
  2. 2.
    Justin Yackoski, et al, “A self-shielding dynamic network architecture”, In proceedings of IEEE MILCOM, November 2011, pp. 1381–1386.Google Scholar
  3. 3.
    Active Repositioning in Cyberspace for Synchronized Evasion (ARCSYNE), 2012, Final Technical ReportGoogle Scholar
  4. 4.
    J.H. Jafarian, et al, “OpenFlow Random Host Mutation: Transparent Moving Target Defense using Software Defined Networking”, In Proceedings of ACM SIGCOMM HotSDN workshop, August 2011.Google Scholar
  5. 5.
    D.C. MacFarland et al, “The SDN Shuffle: Creating a Moving-Target Defense using Host-based Software-Defined Networking”, In Proceedings of the Second ACM Workshop on Moving Target Defense, pp 37–41.Google Scholar
  6. 6.
    P. Kampanakis et al, “SDN-based Solutions for Moving Target Defense network Protection” In Proceedings of IEEE Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), June 2014, pp. 1–6.Google Scholar
  7. 7.
    S. Antonatos, et al, “Defending against hitlist worms using network address space randomization”, In proceedings of the 2005 ACM workshop on Rapid malcode (WORM ’05), 2005.Google Scholar
  8. 8.
    D. Kewley, R. Fink, J. Lowry, and M. Dean, “Dynamic approaches to thwart adversary intelligence gathering”, In proceedings of DARPA Information Survivability Conference Exposition II (DISCEX’01), 2001.Google Scholar
  9. 9.
    C.M. Price, E. Stanton, E.J. Lee, J.T. Michalski, K.S. Chua, Y.H. Wong, and C.P. Tan, “Network Security Mechanisms Utilizing Dynamic Network Address Translation LDRD Project,” Sandia National Labs, 2002 Nov 01.CrossRefGoogle Scholar
  10. 10.
    H. Moniz, N.F. Neves, M. Correia, and P. Verissimo, “Randomized Intrusion-Tolerant Asynchronous Services,” International Conference on Dependable Systems and Networks, June 2006.Google Scholar
  11. 11.
    S. Antonatos, P. Akritidis, E.P. Markatos, and K.G. Anagnostakis, “Defending against hitlist worms using network address space randomization,” Comput. Netw. 51, 12 (August 2007), 3471–3490.CrossRefGoogle Scholar
  12. 12.
    E. Al-Shaer, “Toward Network Configuration Randomization for Moving Target Defense,” Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, S. Jajodia, A.K. Ghosh, V. Swarup, C. Wang, X.S. Wang (eds.), New York: Springer, 2011, 153–159.Google Scholar
  13. 13.
    J.D Touch, G.G. Finn, Y.-S. Wang, and L. Eggert, “DynaBone: dynamic defense using multi-layer Internet overlays,” In Proceedings of DARPA Information Survivability Conference and Exposition, vol. 2 (22–24 April 2003), pp. 271–276.Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Gahng-Seop Ahn
    • 1
    Email author
  • Kyung Joon Kwak
    • 1
  • Alexey Bogaevskiy
    • 1
  • Jason Li
    • 1
  • Gregory Briskin
    • 1
  • Robert Vaeth
    • 2
  1. 1.Intelligent Automation Inc.RockvilleUSA
  2. 2.Air Force Research LaboratoryRomeUSA

Personalised recommendations