A moving target defense and network forensics framework for ISP networks using SDN and NFV

Cited by: 38
Authors
Aydeger, Abdullah [1]
Saputro, Nico [1]
Akkaya, Kemal [1]
Affiliations
[1] Florida Int Univ, Dept Elect & Comp Engn, Miami, FL 33174 USA
Keywords
Moving target defense; Network forensics; SDN; NFV; Crossfire attacks;
DOI
10.1016/j.future.2018.11.045
Chinese Library Classification number
TP301 [Theory, Methods];
Subject classification code
081202;
Abstract
With the increasing diversity of network attacks, there is a trend towards building more agile networks that can defend themselves or prevent attackers from easily launching attacks. To this end, moving target defense (MTD) mechanisms have started to be pursued to dynamically change the structure and configuration of the networks not only during an attack but also before an attack so that conducting network reconnaissance will become much more difficult. Furthermore, various network forensics mechanisms are introduced to help locate the source and types of attacks as a reactive defense mechanism. Emerging Software Defined Networking (SDN) and Network Function Virtualization (NFV) provide excellent opportunities to implement these mechanisms efficiently. This paper considers MTD in the context of an Internet Service Provider (ISP) network and proposes an architectural framework that will enable it even at the reconnaissance phase while facilitating forensics investigations. We propose various virtual shadow networks through NFV to be used when implementing MTD mechanisms via route mutation. The idea is to dynamically change the routes for specific reconnaissance packets so that attackers will not be able to easily identify the actual network topologies for potential distributed denial of service attacks (DDoS) such as Crossfire while enabling the defender to store potential attacker's information through a forensics feature. We present an integrated framework that encompasses these features. The proposed framework is implemented in Mininet to test its effectiveness and overheads. The results demonstrated the effectiveness in terms of failing the attackers at the expense of slightly increased path lengths, end-to-end delay and storage for forensic purposes. (C) 2018 Elsevier B.V. All rights reserved.
Pages: 496 - 509
Number of pages: 14
Related papers
50 in total
  • [1] SDN/NFV-Based Moving Target DDoS Defense Mechanism
    Liu, Chien-Chang
    Huang, Bo-Sheng
    Tseng, Chia-Wei
    Yang, Yao-Tsung
    Chou, Li-Der
    [J]. RECENT TRENDS IN DATA SCIENCE AND SOFT COMPUTING, IRICT 2018, 2019, 843 : 548 - 556
  • [2] Simplifying Network Updates in SDN and NFV Networks Using GUM
    Wang, Lei
    Li, Qing
    Liu, Yang
    Jiang, Yong
    Wu, Jianping
    [J]. 2018 27TH INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATION AND NETWORKS (ICCCN), 2018,
  • [3] SDN-based solutions for Moving Target Defense network protection
    Kampanakis, Panos
    Perros, Harry
    Beyene, Tsegereda
    [J]. 2014 IEEE 15TH INTERNATIONAL SYMPOSIUM ON A WORLD OF WIRELESS, MOBILE AND MULTIMEDIA NETWORKS (WOWMOM), 2014,
  • [4] Mitigation of DDoS Attack Using Moving Target Defense in SDN
    Rochak Swami
    Mayank Dave
    Virender Ranga
    [J]. Wireless Personal Communications, 2023, 131 : 2429 - 2443
  • [5] Mitigation of DDoS Attack Using Moving Target Defense in SDN
    Swami, Rochak
    Dave, Mayank
    Ranga, Virender
    [J]. WIRELESS PERSONAL COMMUNICATIONS, 2023, 131 (04) : 2429 - 2443
  • [6] Research on moving target defense based on SDN
    Chen, Mingyong
    Wu, Weimin
    [J]. GREEN ENERGY AND SUSTAINABLE DEVELOPMENT I, 2017, 1864
  • [7] An SDN-Based Moving Target Defense as a Countermeasure to Prevent Network Scans
    Chiba, Shoya
    Guillen, Luis
    Izumi, Satoru
    Abe, Toru
    Suganuma, Takuo
    [J]. IEICE TRANSACTIONS ON COMMUNICATIONS, 2022, E105B (11) : 1400 - 1407
  • [8] Using SDN and NFV to enhance request rerouting in ISP-CDN collaborations
    Lai, Jeffrey
    Fu, Qiang
    Moors, Tim
    [J]. COMPUTER NETWORKS, 2017, 113 : 176 - 187
  • [10] Countering crossfire DDoS attacks through moving target defense in SDN networks using OpenFlow traffic modification
    Hyder, Muhammad Faraz
    Fatima, Tasbiha
    Khan, Shariq Mahmood
    Arshad, Saadia
    [J]. TRANSACTIONS ON EMERGING TELECOMMUNICATIONS TECHNOLOGIES, 2023,