The article proposes a network dynamic defense model based on the DHCP protocol for enterprise internal network security protection needs, which not only implements network terminal access verification, but also it realizes the periodic dynamic adjustment of the IP address, and increases the difficulty of network detection and attack. So, the security of the enterprise intranet is improved.
This paper proposes a security protection model based on end-to-end information hopping to meet the actual needs of enterprise intranet protection. The problem has enhanced the proactive protection capability of the intranet.
In view of the shortcomings of traditional network defense measures and the dynamic defense needs of existing network security, a random virtual IP address redistribution technology based on OpenFlow protocol is proposed, which realizes the conversion between real IP address space and random virtual IP address space. The technology can increase the randomness of IP addresses in two dimensions of time and space, and increase the difficulty of network sniffing and network attacks. It provides new solutions and ideas for the implementation of dynamic defense at the network level.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.