{"title":"Shoal: A Network Level Moving Target Defense Engine with Software Defined Networking","authors":"Li Wang","doi":"10.4108/eai.1-6-2021.170011","DOIUrl":null,"url":null,"abstract":"Moving Target Defense (MTD) was proposed as a promising defense paradigm to introduce various uncertainties into computer systems, which can greatly raise the bar for the attackers. Currently, there are two classes of MTD research over computer system, system level MTD and network level MTD. System level MTD research introduces uncertainties to various aspects of computer systems; while network level MTD research brings unpredictability of network properties to the target network. A lot of network level MTD research has been proposed, which covers various aspects of computer network. However, the existing MTD approaches usually target on one aspect of computer network, and most of them are designed against a certain network security threat. They can hardly defend against complex attacks or provide complicated protections. In this paper, we propose Shoal, a Moving Target Defense engine with multiple MTD strategies over SDN networks. By applying hybrid and multiple network level MTD methods, Shoal is capable of providing complicated protections and defending advanced attacks. We evaluate Shoal in two advanced protection scenarios, moving target surface and Crossfire attack. The evaluation results, in term of security effectiveness and performance cost, show the protection provided by Shoal’s hybrid MTD methods is effective and the performance cost is relatively low. Received on 25 March 2021; accepted on 09 May 2021; published on 01 June 2021","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"129 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"EAI Endorsed Trans. Security Safety","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4108/eai.1-6-2021.170011","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 2
Abstract
Moving Target Defense (MTD) was proposed as a promising defense paradigm that introduces various uncertainties into computer systems, which can greatly raise the bar for attackers. Currently, there are two classes of MTD research on computer systems: system-level MTD and network-level MTD. System-level MTD research introduces uncertainties into various aspects of computer systems, while network-level MTD research brings unpredictability of network properties to the target network. Much network-level MTD research has been proposed, covering various aspects of computer networks. However, existing MTD approaches usually target one aspect of the computer network, and most of them are designed against a particular network security threat. They can hardly defend against complex attacks or provide complicated protections. In this paper, we propose Shoal, a Moving Target Defense engine with multiple MTD strategies over SDN networks. By applying hybrid and multiple network-level MTD methods, Shoal is capable of providing complicated protections and defending against advanced attacks. We evaluate Shoal in two advanced protection scenarios: moving target surface and Crossfire attack. The evaluation results, in terms of security effectiveness and performance cost, show that the protection provided by Shoal’s hybrid MTD methods is effective and the performance cost is relatively low. Received on 25 March 2021; accepted on 09 May 2021; published on 01 June 2021.