Moving-Target Defenses for Computer Networks

Carvalho, Marco; Ford, Richard

doi:10.1109/msp.2014.30

Cited by 57 publications

(28 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For perfect port hopping, the likelihood of attack success defined by Equation (4) becomes (7) The attack success rate in this scenario is shown in Figure 2, the likelihood of attack success increases slowly as the number of probes increases, whic h is slower than that of static ports when v is fixed. Figure 2 also shows that the attack success rate increases as the number of vulnerable services increases when number of probes k is fixed, and the fewer vulnerable services a server host has, the better defense performance port hopping performs.…”

Section: Number Of Probesmentioning

confidence: 98%

“…In order to turn the asymmetric scale of cyber attacks and defenses, people focus their attentions on moving target defense (MTD) [6][7] technologies, such as address and port hopping, which is a novel proactive cyber defense mechanism where the defenders continuously shift their systems' attack surfaces to increase attackers' efforts in performing reconnaissance and compromising their systems [8]. MTD alters systems' network attributes in an unpredictable way, and in such a way to confuse potential attackers and render their knowledge ineffective or impractical.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Analysis of Port Hopping for Proactive Cyber Defense

Luo¹,

Wang²,

Cai³

2015

IJSIA

View full text Add to dashboard Cite

show abstract

Section: Number Of Probesmentioning

confidence: 98%

Section: Introductionmentioning

confidence: 99%

Analysis of Port Hopping for Proactive Cyber Defense

Luo¹,

Wang²,

Cai³

2015

IJSIA

View full text Add to dashboard Cite

show abstract

“…Due to the static nature of a cyber system, an attacker can not only perform reconnaissance on the target cyber system (i.e., scan the attack surface of the target system for possible vulnerabilities), but also launch an attack at his chosen time point to exploit the discovered vulnerabilities [1]. The traditional strategy to defend the cyber system is to detect the unique behaviors of the attack.…”

Section: Introductionmentioning

confidence: 99%

A Cost-effective Shuffling Method against DDoS Attacks using Moving Target Defense

Zhou

Cheng

Jiang

et al. 2019

Proceedings of the 6th ACM Workshop on Moving Target Defense

View full text Add to dashboard Cite

Moving Target Defense (MTD) has emerged as a newcomer into the asymmetric field of attack and defense, and shuffling-based MTD has been regarded as one of the most effective ways to mitigate DDoS attacks. However, previous work does not acknowledge that frequent shuffles would significantly intensify the overhead. MTD requires a quantitative measure to compare the cost and effectiveness of available adaptations and explore the best trade-off between them. In this paper, therefore, we propose a new costeffective shuffling method against DDoS attacks using MTD. By exploiting Multi-Objective Markov Decision Processes to model the interaction between the attacker and the defender, and designing a cost-effective shuffling algorithm, we study the best trade-off between the effectiveness and cost of shuffling in a given shuffling scenario. Finally, simulation and experimentation on an experimental software defined network (SDN) indicate that our approach imposes an acceptable shuffling overload and is effective in mitigating DDoS attacks. CCS CONCEPTS• Networks → Denial-of-service attacks; • Security and privacy → Formal security models.

show abstract

“…Considering adversaries that can eavesdrop and launch DoS attacks to the applications' open ports, solutions based on port hopping have been proposed [15]. Port hopping is an effective moving target defense mechanism [5] that turns the asymmetric scale of network attacks and defenses, dynamically maps a service's port to an unused pseudo-random port [16], can provide a robust communication environment for clients and servers. The port hopping is designed to allow the client to access the server's services by assigning the ephemeral and synchronous random port number.…”

Section: Introductionmentioning

confidence: 99%

A Covert Communication Scheme based on DNA Microdots for Port Hopping

Shi¹

2017

IJPE

View full text Add to dashboard Cite

Port hopping is an effective solution for Moving Target Defense (MTD), which randomly changes the server's service port number to provide a robust communication against malicious Denial of Service (DoS) and Distributed DoS (DDoS) attack. Although a series of novel and feasible port hopping mechanisms have been proposed and implemented, most of them cannot prevent the messages transmitted in the network from being intercepted by an attacker. This paper addresses the problem of defending the eavesdropping attack with the port hopping process. We propose a new module that combines the properties of port hopping and the encryption of DNA microdots to resist the eavesdropping attacks in the network. The proposed port hopping process is compatible with the UDP and TCP protocols, in which the four IP addresses equipped in the server stand for the different nucleotides of DNA strands. We implement the proposed scheme and conduct the theoretical analysis on it. The theoretical analysis and experimental results illustrate that the proposed scheme can effectively defend against the DoS/DDoS and eavesdropping attacks.

show abstract

Moving-Target Defenses for Computer Networks

Cited by 57 publications

References 1 publication

Analysis of Port Hopping for Proactive Cyber Defense

Analysis of Port Hopping for Proactive Cyber Defense

A Cost-effective Shuffling Method against DDoS Attacks using Moving Target Defense

A Covert Communication Scheme based on DNA Microdots for Port Hopping

Contact Info

Product

Resources

About