Toward Network Configuration Randomization for Moving Target Defense

Part of the Advances in Information Security book series (ADIS, volume 54)


This chapter presents a moving target defense architecture called Mutable Networks or MUTE. MUTE enables networks to change their configurations such as IP address and routes randomly and dynamically while preserving the requirements and integrity of network operation. The main goal of MUTE is to hinder the adversary’s capabilities in scanning or discovering network targets, launching DoS attacks and creating botnets structure. This chapter presents the challenges and applications of moving target defense and it also presents a formal approach for creating valid mutation of network configurations.


Port Number Worm Propagation Characterization Function Valid Mutation Attack Cycle 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    E. Al-Shaer,W. Marrero, A. El-Atway and K. AlBadani, Network Configuration in a Box: Towards End-to-End Verification of Network Reachability and Security, In Proceedings of 17th International Conference on Network Communications and Protocol (ICNP’09), pp. 123–132, Princeton, 2009.Google Scholar
  2. 2.
    H. Hamed, E. Al-Shaer and W. Marrero, Modeling and Verification of IPSec and VPN Security Policies, In Proceedings of International Conference on Netwrok Communications and Protocol (ICNP’05), 2005.Google Scholar
  3. 3.
    T. Samak, A. El-Atawy and E. Al-Shaer, A Framework for Inferring Firewall Policy Using Smart Probing, In Proceedings of International Conference on Netwrok Communications and Protocol (ICNP’07), 2007.Google Scholar
  4. 4.
    Network Vulnerability Scanner.
  5. 5.
    Network Mapper.

Copyright information

© Springer Science+Business Media, LLC 2011

Authors and Affiliations

  1. 1.Cyber Defense and Network Assurability (CyberDNA) Center, College of Computing and InformaticsUniversity of North CarolinaCharlotteUSA

Personalised recommendations