帮助 关于我们

返回检索结果

基于业务感知的随机地址跳变方法
Random Address Mutation Method Based on Service Awareness

查看参考文献18篇

文摘 为解决已有地址跳变技术时延高、效率低、不能区分通信业务类型的问题,在软件定义网络环境下提出一种基于业务感知的地址跳变方法.针对子网IP分段连续的特点,采用高效的随机地址生成算法使地址跳变技术更高效.同时使用通信认证算法,根据通信双方的架构和业务可靠性要求来提供不同的跳变模式.实验结果表明,相比OF-RHM、PPAH-SPD方法,该方法能够有效保证通信双方免受嗅探攻击,取得更高效灵活的随机地址跳变效果和地址跳变模式,降低30% ~ 60%的时延并减少抖动.
其他语种文摘 In order to solve the problem of high delay,low efficiency and indistinguishes communication service types in the existing address mutation technology,a service awareness based address mutation method is proposed in the SDN environment. With the feature of subsection IP continuous segmentation, an efficient random address generation algorithm is adopted to make the address mutation technology more efficient. At the same time,a communication authentication algorithm is used to provide different mutation modes according to the architecture and reliability requirements of both sides. Experimental results show that,compared with the OF-RHM and PPAH-SPD method,this method can effectively guarantee the communication parties from the sniffer attack,provide more efficient and flexible address random mutation effect and address mutation mode, reduce the time delay of 30% ~ 60% and reduce the jitter.
来源 计算机工程 ,2018,44(10):28-33,41 【扩展库】
DOI 10.19678/j.issn.1000-3428.0051042
关键词 网络安全 ; 随机地址跳变 ; 业务感知 ; 可靠性要求 ; 时延
地址

国家数字交换系统工程技术研究中心, 国家数字交换系统工程技术研究中心, 郑州, 450002

语种 中文
文献类型 研究性论文
ISSN 1000-3428
学科 自动化技术、计算机技术
基金 国家重点研发计划 ;  上海市科委科研计划项目 ;  河南省科技攻关项目
文献收藏号 CSCD:6345007

参考文献 共 18 共1页

1.  Jajodia S. Moving target defense: creating asymmetric uncertainty for cyber threats,2011 被引 24    
2.  Antonatos S. Defending against hitlist worms using network address space randomization. Proceedings of ACM Workshop on Rapid Malcode,2005:30-40 被引 1    
3.  Azodolmolky S. Software defined networking with OpenFlow,2013 被引 1    
4.  Atighetchi M. Adaptive use of network-centric mechanisms in cyber-defense. Proceedings of IEEE International Symposium on Objectoriented Real-time Distributed Computing,2003:183-192 被引 1    
5.  Kewley D. Dynamic approaches to thwart adversary intelligence gathering. Proceedings of DISCEX'01,2001:176-185 被引 1    
6.  Antonatos S. Defending against hitlist worms using network address space randomization. Microcomputer Information,2009,51(12):3471-3490 被引 26    
7.  Jafarian J H. An effective address mutation approach for disrupting reconnaissance attacks. IEEE Transactions on Information Forensics and Security,2015,10(12):2562-2577 被引 16    
8.  Jafarian J H. Openflow random host mutation: transparent moving target defense using software defined networking. Proceedings of Workshop on Hot Topics in Software Defined Networks,2012:127-132 被引 1    
9.  Zheng K. A SDN-based IP address hopping method design. Proceedings of International Conference on Measurement, Instrumentation and Automation,2016:509-512 被引 1    
10.  张连成. 基于路径与端址跳变的SDN网络主动防御技术. 计算机研究与发展,2017,54(12):2748-2758 被引 3    
11.  Wu J. An effective architecture and algorithm for detecting worms with various scan techniques. Proceedings of ISOC Symposium on Network and Distributed System Security,2004:143-156 被引 1    
12.  Jafarian J H. Adversaryaware IP address randomization for proactive agility against sophisticated attackers. Proceedings of 2015 IEEE Conference on Computer Communications,2015:738-746 被引 3    
13.  王宇航. 一种基于SDN的地址跳变主动防御技术的研究与实现,2017 被引 3    
14.  Abdullah T. Testing of Floodlight controller with Mininet in SDN topology. Sciencerise,2014,5(2):158 被引 2    
15.  Oliveira R L S D. Using Mininet for emulation and prototyping softwaredefined networks. Proceedings of 2014 IEEE Colombian Conference on Communications and Computing,2014:1-6 被引 1    
16.  Orebaugh A. Wireshark and Ethereal network protocol analyzer toolkit. S. l,2007:523-540 被引 1    
17.  Mckeown N. OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Computer Communication Review,2008,38(2):69-74 被引 420    
18.  林森杰. 面向拟态防御系统的竞赛式仲裁模型. 计算机工程,2018,44(4):193-198 被引 5    
引证文献 2

1 陈彤睿 基于事件驱动与定时迁移的平台动态防御策略 计算机工程,2019,45(9):105-111
被引 1

2 王志屹 基于信号博弈的端信息跳变同步策略 火力与指挥控制,2020,45(9):181-185,190
被引 0 次

显示所有2篇文献

论文科学数据集
PlumX Metrics
相关文献

 作者相关
 关键词相关
 参考文献相关

版权所有 ©2008 中国科学院文献情报中心 制作维护:中国科学院文献情报中心
地址:北京中关村北四环西路33号 邮政编码:100190 联系电话:(010)82627496 E-mail:cscd@mail.las.ac.cn 京ICP备05002861号-4 | 京公网安备11010802043238号