{"title":"基于动态地址空间随机化的网络安全协议原理","authors":"Vladimir, Krylov, Kirill, Kravtsov","doi":"10.17265/1548-7709/2016.02.003","DOIUrl":null,"url":null,"abstract":"To create network security solutions and protocols, we introduced IP Fast Hopping. Our approach is based on theory of convoluted multiaddress networks, which describes principles of dynamic network address space randomization. Our technique aimed to protect network nodes against various types of network threats by hiding of node’s network address from malefactors. Existing networks are still vulnerable to attacks like Denial of Service despite a number of proposed defense approaches. Therefore, developing of a new alternate approach in this area is still actual problem. Our solution in this area can be easily deployed as a software solution without significant impact of existing network architecture. The main idea of our work is isolation of network nodes from a malicious traffic by the specific addressing policy where the network address is not unique identification of physical location of the node. This correlation should be dynamic and available only for legitimate terminals. In such case, a malefactor cannot acquire access to the protected server and initiate an attack.","PeriodicalId":69156,"journal":{"name":"通讯和计算机:中英文版","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2016-02-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Principles of Network Security Protocols Based on Dynamic Address Space Randomization\",\"authors\":\"Vladimir, Krylov, Kirill, Kravtsov\",\"doi\":\"10.17265/1548-7709/2016.02.003\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"To create network security solutions and protocols, we introduced IP Fast Hopping. Our approach is based on theory of convoluted multiaddress networks, which describes principles of dynamic network address space randomization. Our technique aimed to protect network nodes against various types of network threats by hiding of node’s network address from malefactors. Existing networks are still vulnerable to attacks like Denial of Service despite a number of proposed defense approaches. Therefore, developing of a new alternate approach in this area is still actual problem. Our solution in this area can be easily deployed as a software solution without significant impact of existing network architecture. The main idea of our work is isolation of network nodes from a malicious traffic by the specific addressing policy where the network address is not unique identification of physical location of the node. This correlation should be dynamic and available only for legitimate terminals. In such case, a malefactor cannot acquire access to the protected server and initiate an attack.\",\"PeriodicalId\":69156,\"journal\":{\"name\":\"通讯和计算机:中英文版\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-02-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"通讯和计算机:中英文版\",\"FirstCategoryId\":\"1093\",\"ListUrlMain\":\"https://doi.org/10.17265/1548-7709/2016.02.003\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"通讯和计算机:中英文版","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.17265/1548-7709/2016.02.003","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Principles of Network Security Protocols Based on Dynamic Address Space Randomization
To create network security solutions and protocols, we introduced IP Fast Hopping. Our approach is based on theory of convoluted multiaddress networks, which describes principles of dynamic network address space randomization. Our technique aimed to protect network nodes against various types of network threats by hiding of node’s network address from malefactors. Existing networks are still vulnerable to attacks like Denial of Service despite a number of proposed defense approaches. Therefore, developing of a new alternate approach in this area is still actual problem. Our solution in this area can be easily deployed as a software solution without significant impact of existing network architecture. The main idea of our work is isolation of network nodes from a malicious traffic by the specific addressing policy where the network address is not unique identification of physical location of the node. This correlation should be dynamic and available only for legitimate terminals. In such case, a malefactor cannot acquire access to the protected server and initiate an attack.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
