{"title":"Principles of Network Security Protocols Based on Dynamic Address Space Randomization","authors":"Vladimir, Krylov, Kirill, Kravtsov","doi":"10.17265/1548-7709/2016.02.003","DOIUrl":null,"url":null,"abstract":"To create network security solutions and protocols, we introduced IP Fast Hopping. Our approach is based on theory of convoluted multiaddress networks, which describes principles of dynamic network address space randomization. Our technique aimed to protect network nodes against various types of network threats by hiding of node’s network address from malefactors. Existing networks are still vulnerable to attacks like Denial of Service despite a number of proposed defense approaches. Therefore, developing of a new alternate approach in this area is still actual problem. Our solution in this area can be easily deployed as a software solution without significant impact of existing network architecture. The main idea of our work is isolation of network nodes from a malicious traffic by the specific addressing policy where the network address is not unique identification of physical location of the node. This correlation should be dynamic and available only for legitimate terminals. In such case, a malefactor cannot acquire access to the protected server and initiate an attack.","PeriodicalId":69156,"journal":{"name":"通讯和计算机:中英文版","volume":"29 1","pages":"77-89"},"PeriodicalIF":0.0000,"publicationDate":"2016-02-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"通讯和计算机:中英文版","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.17265/1548-7709/2016.02.003","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
To create network security solutions and protocols, we introduced IP Fast Hopping. Our approach is based on theory of convoluted multiaddress networks, which describes principles of dynamic network address space randomization. Our technique aimed to protect network nodes against various types of network threats by hiding of node’s network address from malefactors. Existing networks are still vulnerable to attacks like Denial of Service despite a number of proposed defense approaches. Therefore, developing of a new alternate approach in this area is still actual problem. Our solution in this area can be easily deployed as a software solution without significant impact of existing network architecture. The main idea of our work is isolation of network nodes from a malicious traffic by the specific addressing policy where the network address is not unique identification of physical location of the node. This correlation should be dynamic and available only for legitimate terminals. In such case, a malefactor cannot acquire access to the protected server and initiate an attack.