Loading [a11y]/accessibility-menu.js
Fast address hopping at the switches: Securing access for packet forwarding in SDN | IEEE Conference Publication | IEEE Xplore

Fast address hopping at the switches: Securing access for packet forwarding in SDN


Abstract:

To defend against network reconnaissance for unauthorized access of the packet forwarding path, we leverage software-defined networking (SDN) and build moving target defe...Show More

Abstract:

To defend against network reconnaissance for unauthorized access of the packet forwarding path, we leverage software-defined networking (SDN) and build moving target defense (MTD) by randomizing network addresses. We distinguish our work from prior research by implementing MTD at the data plane and on all nodes along the forwarding path. Thus, our scheme is fast and lightweight in operation (significantly decreasing the controller communication overhead) and enables quicker security response to reduce the attack impact (as opposed to having the attack impact all the way to the endhost destination). We validate our work on an Open vSwitch-based testbed and show that the attacker's cost to achieve timely network reconnaissance increases by more than an order of magnitude than having the controller actuate the MTD.
Date of Conference: 25-29 April 2016
Date Added to IEEE Xplore: 04 July 2016
Electronic ISBN:978-1-5090-0223-8
Electronic ISSN: 2374-9709
Conference Location: Istanbul, Turkey

References

References is not available for this document.