Keywords:
Computer science, Computing system architectures, Detection, Moving target defense, Moving targets, Statistical analysis, Virtual machines, Network architecture, Standards, Pilot studies, Port scanners, Computer programming, Computer networks, Operating systems, Computers, Network protocols, SDN (software-defined networking), Host mutation, Network scanning defense, MTD (moving target defense), DHCP (dynamic host configuration protocol), PHM (proactive host mutation)
Abstract:
With Software-Defined Networking (SDN), hosts can be assigned a virtual IP address that changes at random intervals, allowing hosts to keep their real IP address while presenting a moving target to network scanners. The original concept comes from the University of North Carolina. Their testing was performed in an SDN emulator without any statistical analysis. To further this field of research, a testbed with fifty hosts and one attack machine, controlled by an SDN controller, is established on physical servers. Experiments are conducted with different possible configurations (i.e., 5, 10, ... 50 hosts; and 30 sec, 1 min, 5 min, and 15 min mutation rates). Results show there is a statistically measurable difference between a traditional network and a software-defined network running host mutation software with the same configuration. Comparing the scan times and the number of hosts found from scans of both networks with a t-test resulted in low p-values, approximately 0.05 or lower. In addition, as the number of hosts increased from five to fifty, the difference between the number of hosts found in the traditional network and in the SDN increased.