基于软件定义网络的反嗅探攻击方法

网络嗅探攻击中，攻击者从网络节点或链路捕获和分析网络通信数据、监视网络状态、窃取用户名和密码等敏感信息。在攻击发生时，攻击者通常处于静默状态，传统的网络防护手段如防火墙、入侵检测系统（IDS）或入侵防御系统（IPS）很难发现并有效抵御攻击。从网络结构入手，提出基于软件定义网络（SDN）的动态路径跳变（DPH）通信机制，依据空间和时间约束条件，动态改变通信节点之间的路径，宏观上将通信流量相对均匀地分布在多条传输链路中，增加网络嗅探攻击中获取完整数据的难度。实验仿真结果说明，在一定的网络规模下，动态路径跳变能够在不明显降低网络传输性能的条件下有效防御嗅探攻击。

Anti-sniffering attack method based on software defined network

In network sniffing attacks, attackers capture and analyze network communication data from network nodes or links, monitor network status and steal sensitive data such as usernames and passwords. In an ongoing attack, the attacker is usually in a silent state, traditional network protection methods such as firewalls, Intrusion Detection System (IDS), or Intrusion Prevention System (IPS) are difficult to detect and defend against it. A Dynamic Path Hopping (DPH) mechanism based on Software Defined Network (SDN) was proposed to solve this problem. In DPH, the paths of communication nodes were dynamically changed according to constraints of space and time, and the communication traffic was evenly distributed in multiple transmission paths, which increased the difficulty of obtaining complete data in the network sniffing attack. The experimental and performance simulation results show that under a certain network scale, DPH can effectively defend sniffer attacks without significantly reducing network transmission performance.