Attack Graph-Based Moving Target Defense in Software-Defined Networks

Authors: Seunghyun Yoon, Jin-Hee Cho, Dong Seong Kim, Terrence J. Moore, Frederica Free-Nelson

DOI: 10.1109/TNSM.2020.2987085

Keywords: Electronic mail, Vulnerability (computing), Computer network, Attack surface, Network topology, Host (network), Testbed, Computer science, Software-defined networking, Complex network

Abstract: … for a certain time interval at the SDN switches. • IP/Port shuffling: To transform the end hosts into untraceable moving targets, the SDN controller periodically reassigns vIP to the end …
