Moving target defense solution on network layer based on OpenFlow |
| |
Authors: | Yi-xun HU Kang-feng ZHENG Yi-xian YANG Xin-xin NIU |
| |
Affiliation: | 1. College of Cyberspace Security,Beijing University of Posts and Telecommunications,Beijing 100876,China;2. State Key Laboratory of Public Big Data,Guizhou University,Guiyang 550025,China |
| |
Abstract: | In order to take an active part in network attack and defense,a moving target defense solution on network layer based on OpenFlow was proposed,using the flexibility of network brought by OpenFlow network architecture.On the network layer,through mapping the correspondent nodes’ addresses to pseudo-random virtual addresses in the LAN and mapping correspondent nodes’ ports to virtual ports,achieving the hiding of correspond nodes in the whole network and the information of network architecture.Researches verify the system’s effectiveness.Comparing with existing moving target defense solutions,the proposed algorithm can be deployed easily in the traditional network,and realize comprehensive protection of the corresponding in the whole network. |
| |
Keywords: | active defense OpenFlow moving target defense |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
|