A moving target defense and network forensics framework for ISP networks using SDN and NFV

Cited by: 38
Authors
Aydeger, Abdullah [1 ]
Saputro, Nico [1 ]
Akkaya, Kemal [1 ]
Affiliations
[1] Florida Int Univ, Dept Elect & Comp Engn, Miami, FL 33174 USA
Keywords
Moving target defense; Network forensics; SDN; NFV; Crossfire attacks;
DOI
10.1016/j.future.2018.11.045
CLC number
TP301 [Theory and methods];
Discipline code
081202;
Abstract
With the increasing diversity of network attacks, there is a trend towards building more agile networks that can defend themselves or prevent attackers from easily launching attacks. To this end, moving target defense (MTD) mechanisms have started to be pursued to dynamically change the structure and configuration of networks, not only during an attack but also before one, so that network reconnaissance becomes much more difficult. Furthermore, various network forensics mechanisms have been introduced to help locate the source and type of an attack as a reactive defense mechanism. Emerging Software Defined Networking (SDN) and Network Function Virtualization (NFV) provide excellent opportunities to implement these mechanisms efficiently. This paper considers MTD in the context of an Internet Service Provider (ISP) network and proposes an architectural framework that enables it even at the reconnaissance phase while facilitating forensics investigations. We propose various virtual shadow networks, realized through NFV, to be used when implementing MTD mechanisms via route mutation. The idea is to dynamically change the routes taken by specific reconnaissance packets so that attackers cannot easily identify the actual network topology for potential distributed denial of service (DDoS) attacks such as Crossfire, while enabling the defender to store information about potential attackers through a forensics feature. We present an integrated framework that encompasses these features. The proposed framework is implemented in Mininet to test its effectiveness and overheads. The results demonstrate its effectiveness in defeating the attackers at the expense of slightly increased path lengths, end-to-end delay, and storage for forensic purposes. (C) 2018 Elsevier B.V. All rights reserved.
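The abstract describes route mutation over NFV shadow networks: reconnaissance packets are steered onto virtual paths so a traceroute-style probe never maps the real topology, and each probe is recorded for forensics. The following toy model is an added example written for this page, not the authors' Mininet implementation. The five-router topology, the virtual routers v1 to v4, the per-probe random choice of shadow path, and the classifier that treats low-TTL ICMP/UDP packets as reconnaissance are all assumptions made for the demo; a real deployment would push the chosen path as OpenFlow rules instead of returning it from a function.

```python
"""Toy model of MTD route mutation for reconnaissance probes plus a
forensics store. Added illustration, not the paper's code; topology,
shadow paths, probe classifier and mutation policy are assumptions."""
import random
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample ISP topology (assumption): physical routers r1..r5.
# Each entry is the real hop sequence for an (ingress, egress) pair.
REAL_PATHS = {
    ("r1", "r5"): ["r1", "r2", "r5"],
    ("r1", "r4"): ["r1", "r3", "r4"],
}

# Shadow networks (assumption): alternative routes through NFV virtual
# routers v1..v4 that exist only to carry reconnaissance traffic.
SHADOW_PATHS = {
    ("r1", "r5"): [["r1", "v1", "v2", "r5"],
                   ["r1", "v3", "r3", "v4", "r5"]],
    ("r1", "r4"): [["r1", "v2", "v1", "r4"],
                   ["r1", "v4", "r2", "v3", "r4"]],
}


@dataclass
class Packet:
    src_ip: str
    ingress: str
    egress: str
    proto: str   # "udp", "icmp" or "tcp"
    ttl: int


@dataclass
class ForensicRecord:
    src_ip: str
    ingress: str
    egress: str
    ttl: int
    shadow_path: List[str]


class MTDController:
    """Stand-in for the SDN controller. Reconnaissance probes are steered
    onto a randomly chosen shadow path and logged; all other traffic
    keeps the real path."""

    def __init__(self, seed: int = 0):
        self.rng = random.Random(seed)
        self.forensics: List[ForensicRecord] = []

    @staticmethod
    def is_reconnaissance(pkt: Packet) -> bool:
        # Heuristic assumed for this demo: traceroute-style probes are
        # ICMP/UDP packets with a deliberately small TTL. Legitimate
        # low-TTL traffic is a false positive here and only pays extra hops.
        return pkt.proto in ("icmp", "udp") and pkt.ttl < 32

    def route(self, pkt: Packet) -> List[str]:
        key = (pkt.ingress, pkt.egress)
        if not self.is_reconnaissance(pkt):
            return REAL_PATHS[key]
        path = self.rng.choice(SHADOW_PATHS[key])
        # Forensics feature: who probed, from where, and what they were shown.
        self.forensics.append(ForensicRecord(
            pkt.src_ip, pkt.ingress, pkt.egress, pkt.ttl, path))
        return path


def traceroute(ctrl: MTDController, src_ip: str, ingress: str,
               egress: str, max_ttl: int = 8) -> List[str]:
    """Attacker's view: one UDP probe per TTL; the router where the TTL
    expires is the one that shows up in the trace."""
    observed: List[str] = []
    for ttl in range(1, max_ttl + 1):
        path = ctrl.route(Packet(src_ip, ingress, egress, "udp", ttl))
        hop = path[ttl - 1] if ttl <= len(path) else egress
        observed.append(hop)
        if hop == egress:
            break
    return observed


def attacker_view(ctrl, src_ip, ingress, egress, traces=5) -> List[List[str]]:
    """Repeated traceroutes: with per-probe mutation they disagree with
    each other and never contain the real path."""
    return [traceroute(ctrl, src_ip, ingress, egress) for _ in range(traces)]


def forensic_summary(ctrl: MTDController) -> Dict[str, int]:
    """Probe count per source IP, the first question an investigator asks."""
    counts: Dict[str, int] = {}
    for rec in ctrl.forensics:
        counts[rec.src_ip] = counts.get(rec.src_ip, 0) + 1
    return counts


def path_overhead(key) -> float:
    """Average extra hops of the shadow paths over the real path, i.e. the
    'slightly increased path length' cost the abstract mentions."""
    real = len(REAL_PATHS[key]) - 1
    shadow = [len(p) - 1 for p in SHADOW_PATHS[key]]
    return sum(shadow) / len(shadow) - real


if __name__ == "__main__":
    ctrl = MTDController(seed=1)
    for t in attacker_view(ctrl, "203.0.113.7", "r1", "r5"):
        print("attacker sees:", " -> ".join(t))
    print("real path:    ", " -> ".join(REAL_PATHS[("r1", "r5")]))
    print("forensics:", forensic_summary(ctrl), "extra hops:", path_overhead(("r1", "r5")))
```

Choosing a fresh shadow path per probe, rather than per source, makes successive hops in a single traceroute come from different virtual paths, so the attacker cannot even assemble a consistent fake topology; the price is the extra hops and delay reported by `path_overhead`, plus one forensic record per probe, which is the storage cost the abstract refers to.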
Pages: 496-509
Page count: 14
Related papers
50 in total
  • [21] Mobile Networks Disaster Recovery Using SDN-NFV
    Volvach, Ievgen
    Globa, Larysa
    [J]. 2016 International Conference Radio Electronics & Info Communications (UkrMiCo), 2016,
  • [22] Smart Television Services Using NFV/SDN Network Management
    Jawad, Nawar
    Salih, Mukhald
    Ali, Kareem
    Meunier, Benjamin
    Zhang, Yue
    Zhang, Xun
    Zetik, Rudolf
    Zarakovitis, Charilaos
    Koumaras, Harilaos
    Kourtis, Michail-Alexandros
    Shi, Lina
    Mazurczyk, Wojciech
    Cosmas, John
    [J]. IEEE TRANSACTIONS ON BROADCASTING, 2019, 65 (02) : 404 - 413
  • [23] Defending Blind DDoS Attack on SDN Based on Moving Target Defense
    Ma, Duohe
    Xu, Zhen
    Lin, Dongdai
    [J]. INTERNATIONAL CONFERENCE ON SECURITY AND PRIVACY IN COMMUNICATION NETWORKS, SECURECOMM 2014, PT I, 2015, 152 : 463 - 480
  • [24] Investigation of Moving Target Defense Technique to Prevent Poisoning Attacks in SDN
    Macwan, Saumil
    Lung, Chung-Horng
    [J]. 2019 IEEE WORLD CONGRESS ON SERVICES (IEEE SERVICES 2019), 2019, : 178 - 183
  • [25] Evaluating Performance and Security of a Hybrid Moving Target Defense in SDN Environments
    Kim, Minjune
    Cho, Jin-Hee
    Lim, Hyuk
    Moore, Terrence J.
    Nelson, Frederica F.
    Ko, Ryan K. L.
    Kim, Dan Dongseong
    [J]. 2022 IEEE 22ND INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY, QRS, 2022, : 276 - 286
  • [26] Moving Target Defense Routing for SDN-enabled Smart Grid
    Abdelkhalek, Moataz
    Hyder, Burhan
    Govindarasu, Manimaran
    Rieger, Craig G.
    [J]. 2022 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE (IEEE CSR), 2022, : 215 - 220
  • [27] Secure Multipath Mutation SMPM in Moving Target Defense Based on SDN
    Zkik, Karim
    Sebbar, Anass
    Baddi, Youssef
    Boulmalf, Mohammed
    [J]. 10TH INTERNATIONAL CONFERENCE ON AMBIENT SYSTEMS, NETWORKS AND TECHNOLOGIES (ANT 2019) / THE 2ND INTERNATIONAL CONFERENCE ON EMERGING DATA AND INDUSTRY 4.0 (EDI40 2019) / AFFILIATED WORKSHOPS, 2019, 151 : 977 - 984
  • [28] SDNShield: NFV-Based Defense Framework Against DDoS Attacks on SDN Control Plane
    Chen, Kuan-Yin
    Liu, Sen
    Xu, Yang
    Siddhrau, Ishant Kumar
    Zhou, Siyu
    Guo, Zehua
    Chao, H. Jonathan
    [J]. IEEE-ACM TRANSACTIONS ON NETWORKING, 2022, 30 (01) : 1 - 17
  • [29] Moving Target Defense for Virtual Network Functions
    Peretz, Reuven
    Shenzis, Shlomo
    Hay, David
    [J]. NOMS 2020 - PROCEEDINGS OF THE 2020 IEEE/IFIP NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM 2020: MANAGEMENT IN THE AGE OF SOFTWARIZATION AND ARTIFICIAL INTELLIGENCE, 2020,
  • [30] Computer Network Deception as a Moving Target Defense
    Urias, Vincent E.
    Stout, William M. S.
    Loverro, Caleb
    [J]. 49TH ANNUAL IEEE INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY (ICCST), 2015, : 101 - 106