基于业务感知的随机地址跳变方法
Random Address Mutation Method Based on Service Awareness
查看参考文献18篇
文摘
|
为解决已有地址跳变技术时延高、效率低、不能区分通信业务类型的问题,在软件定义网络环境下提出一种基于业务感知的地址跳变方法.针对子网IP分段连续的特点,采用高效的随机地址生成算法使地址跳变技术更高效.同时使用通信认证算法,根据通信双方的架构和业务可靠性要求来提供不同的跳变模式.实验结果表明,相比OF-RHM、PPAH-SPD方法,该方法能够有效保证通信双方免受嗅探攻击,取得更高效灵活的随机地址跳变效果和地址跳变模式,降低30% ~ 60%的时延并减少抖动. |
其他语种文摘
|
In order to solve the problem of high delay,low efficiency and indistinguishes communication service types in the existing address mutation technology,a service awareness based address mutation method is proposed in the SDN environment. With the feature of subsection IP continuous segmentation, an efficient random address generation algorithm is adopted to make the address mutation technology more efficient. At the same time,a communication authentication algorithm is used to provide different mutation modes according to the architecture and reliability requirements of both sides. Experimental results show that,compared with the OF-RHM and PPAH-SPD method,this method can effectively guarantee the communication parties from the sniffer attack,provide more efficient and flexible address random mutation effect and address mutation mode, reduce the time delay of 30% ~ 60% and reduce the jitter. |
来源
|
计算机工程
,2018,44(10):28-33,41 【扩展库】
|
DOI
|
10.19678/j.issn.1000-3428.0051042
|
关键词
|
网络安全
;
随机地址跳变
;
业务感知
;
可靠性要求
;
时延
|
地址
|
国家数字交换系统工程技术研究中心, 国家数字交换系统工程技术研究中心, 郑州, 450002
|
语种
|
中文 |
文献类型
|
研究性论文 |
ISSN
|
1000-3428 |
学科
|
自动化技术、计算机技术 |
基金
|
国家重点研发计划
;
上海市科委科研计划项目
;
河南省科技攻关项目
|
文献收藏号
|
CSCD:6345007
|
参考文献 共
18
共1页
|
1.
Jajodia S.
Moving target defense: creating asymmetric uncertainty for cyber threats,2011
|
CSCD被引
24
次
|
|
|
|
2.
Antonatos S. Defending against hitlist worms using network address space randomization.
Proceedings of ACM Workshop on Rapid Malcode,2005:30-40
|
CSCD被引
1
次
|
|
|
|
3.
Azodolmolky S.
Software defined networking with OpenFlow,2013
|
CSCD被引
1
次
|
|
|
|
4.
Atighetchi M. Adaptive use of network-centric mechanisms in cyber-defense.
Proceedings of IEEE International Symposium on Objectoriented Real-time Distributed Computing,2003:183-192
|
CSCD被引
1
次
|
|
|
|
5.
Kewley D. Dynamic approaches to thwart adversary intelligence gathering.
Proceedings of DISCEX'01,2001:176-185
|
CSCD被引
1
次
|
|
|
|
6.
Antonatos S. Defending against hitlist worms using network address space randomization.
Microcomputer Information,2009,51(12):3471-3490
|
CSCD被引
26
次
|
|
|
|
7.
Jafarian J H. An effective address mutation approach for disrupting reconnaissance attacks.
IEEE Transactions on Information Forensics and Security,2015,10(12):2562-2577
|
CSCD被引
16
次
|
|
|
|
8.
Jafarian J H. Openflow random host mutation: transparent moving target defense using software defined networking.
Proceedings of Workshop on Hot Topics in Software Defined Networks,2012:127-132
|
CSCD被引
1
次
|
|
|
|
9.
Zheng K. A SDN-based IP address hopping method design.
Proceedings of International Conference on Measurement, Instrumentation and Automation,2016:509-512
|
CSCD被引
1
次
|
|
|
|
10.
张连成. 基于路径与端址跳变的SDN网络主动防御技术.
计算机研究与发展,2017,54(12):2748-2758
|
CSCD被引
3
次
|
|
|
|
11.
Wu J. An effective architecture and algorithm for detecting worms with various scan techniques.
Proceedings of ISOC Symposium on Network and Distributed System Security,2004:143-156
|
CSCD被引
1
次
|
|
|
|
12.
Jafarian J H. Adversaryaware IP address randomization for proactive agility against sophisticated attackers.
Proceedings of 2015 IEEE Conference on Computer Communications,2015:738-746
|
CSCD被引
3
次
|
|
|
|
13.
王宇航.
一种基于SDN的地址跳变主动防御技术的研究与实现,2017
|
CSCD被引
3
次
|
|
|
|
14.
Abdullah T. Testing of Floodlight controller with Mininet in SDN topology.
Sciencerise,2014,5(2):158
|
CSCD被引
2
次
|
|
|
|
15.
Oliveira R L S D. Using Mininet for emulation and prototyping softwaredefined networks.
Proceedings of 2014 IEEE Colombian Conference on Communications and Computing,2014:1-6
|
CSCD被引
1
次
|
|
|
|
16.
Orebaugh A.
Wireshark and Ethereal network protocol analyzer toolkit. S. l,2007:523-540
|
CSCD被引
1
次
|
|
|
|
17.
Mckeown N. OpenFlow: enabling innovation in campus networks.
ACM SIGCOMM Computer Communication Review,2008,38(2):69-74
|
CSCD被引
427
次
|
|
|
|
18.
林森杰. 面向拟态防御系统的竞赛式仲裁模型.
计算机工程,2018,44(4):193-198
|
CSCD被引
5
次
|
|
|
|
|