A moving target defense approach to mitigate DDoS attacks against proxy-based architectures

Sridhar, Varadharajan; Albanese, Massimiliano; Amin, Kavit; Jajodia, Sushil; Wright, Mason

doi:10.1109/cns.2016.7860486

Cited by 47 publications

(35 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The strategic stability of various categories like proactive server movement, delayed attack timing and suspected insider blocking are blocked effectively through the concepts of MTD. New client-to-proxy assignment strategy [11] is proposed which employs MTD which helps in isolating the compromised clients thereby reduces the impact of attacks. The experiment is validated both theoretically and through simulations which limits effectively the number of proxies discovered by an attacker and isolates malicious clients.…”

Section: Related Workmentioning

confidence: 99%

Moving Target Defense Strategy for Mitigating Denial of Service Attack in the Public Cloud Environment

Rajakumaran*,

Venkataraman

2019

IJEAT

View full text Add to dashboard Cite

Internet is a network of interconnected systems which works collaboratively and services the users without any disruption. But for achieving the same in real time, needs the new prominent technology cloud computing. The massive attractive features and simple pay-as-you-go model of cloud makes it reachable to all the users Denial-of-Service (DoS) plays a crucial role in making the services inaccessible to its intended users. The traditional DoS can no longer be successful in the cloud scenario as it poses the auto scaling feature. Still, the DoS can consume the bandwidth of the cloud customers as they need to pay for their complete usage. In spite of the huge number of recovery measures available in cloud, DoS becoming harder every day in terms of attack volume and severity. Hence complete mitigation against DoS attack is the expected solution which needs to be proved in today’s digital world. Moving Target Defence (MTD) is one such prominent emerging solution which aims to avoid the DDoS attacks in the cloud environment. The challenge of MTD is to change the attack surface periodically such that the attackers will be facing difficulty in even the attack attempts. This paper aims to provide solution for avoiding DoS attack by adopting MTD algorithm for making the web servers redundant in the cloud environment. Experimental simulations prove the effectiveness of MTD in the public cloud environment.

show abstract

Section: Related Workmentioning

confidence: 99%

Moving Target Defense Strategy for Mitigating Denial of Service Attack in the Public Cloud Environment

Rajakumaran*,

Venkataraman

2019

IJEAT

View full text Add to dashboard Cite

show abstract

“…In [26], Jia et al presented a successor of MOTAG, that supports authenticated and anonymous clients and is deployed in a cloud-based environment. Both MTD approaches [24]- [26] were only simulated in MATLAB and are vulnerable to the proxy harvesting attack [27].…”

Section: Related Workmentioning

confidence: 99%

DDoS defense using MTD and SDN

Steinberger

Kuhnert²,

Dietz

et al. 2018

NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium

View full text Add to dashboard Cite

Distributed large-scale cyber attacks targeting the availability of computing and network resources still remains a serious threat. In order to limit the effects caused by those attacks and to provide a proactive defense, mitigation should move to the networks of Internet Service Providers. In this context, MTD is a technique that increases uncertainty due to an ever-changing attack surface. In combination with SDN, MTD has the potential to reduce the effects of a large-scale cyber attack. In this paper, we combine the defense techniques movingtarget using Software Defined Networking and investigate their effectiveness. We review current moving-target defense strategies and their applicability in context of large-scale cyber attacks and the networks of Internet Service Providers. Further, we enforce the implementation of moving target defense strategies using Software Defined Networks in a collaborative environment. In particular, we focus on ISPs that cooperate among trusted partners. We found that the effects of a large-scale cyber attack can be significantly reduced using the moving-target defense and Software Defined Networking. Moreover, we show that Software Defined Networking is an appropriate approach to enforce implementation of the moving target defense and thus mitigate the effects caused by large-scale cyber attacks.

show abstract

“…Wide area networks may be able to provide such a sufficiently large number of different routes, but this is clearly not the case in a local network, which usually manages to prevent loops in topology and has much less redundant traversing paths. Venkatesan et al [16] proposed an MTD approach utilizing proxy. In their approach, the proxy is not software on end-hosts, but a standalone device in the network acting as a traffic filter for mitigating DDoS attacks.…”

Section: Similar Workmentioning

confidence: 99%

A Semistructured Random Identifier Protocol for Anonymous Communication in SDN Network

Wang

Guo

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

Traffic analysis is an effective mean for gathering intelligence from within a large enterprise’s local network. Adversaries are able to monitor all traffic traversing a switch by exploiting just one vulnerability in it and obtain valuable information (e.g., online hosts and ongoing sessions) for further attacking, while administrators have to patch all switches as soon as possible in hope of eliminating the vulnerability in time. Moving Target Defense (MTD) is a new paradigm for reobtaining the upper hand in network defense by dynamically changing attack surfaces of the network. In this paper, we propose U-TRI (unlinkability through random identifier) as a moving target technique for changing the information-leaking identifiers within PDUs for SDN network. U-TRI is based on VIRO protocol and implemented with the help of OpenFlow protocol. U-TRI employs an independent, binary tree-structured, periodically and randomly updating identifier to replace the first part of the static MAC address in PDU, and assigns unstructured random values to the remaining part of the MAC address. U-TRI also obfuscates identifiers in the network layer and transport layer in an unstructured manner. Such a semistructured random identifier enables U-TRI to significantly weaken the linkage between identifiers and end-hosts as well as communication sessions, thus providing anonymous communication in SDN network. The result of analysis and experiments indicates that U-TRI dramatically increases the difficulty of traffic analysis with acceptable burdens on network performance.

show abstract

A moving target defense approach to mitigate DDoS attacks against proxy-based architectures

Cited by 47 publications

References 13 publications

Moving Target Defense Strategy for Mitigating Denial of Service Attack in the Public Cloud Environment

Moving Target Defense Strategy for Mitigating Denial of Service Attack in the Public Cloud Environment

DDoS defense using MTD and SDN

A Semistructured Random Identifier Protocol for Anonymous Communication in SDN Network

Contact Info

Product

Resources

About