
Moving target defense against network eavesdropping attack using POF (cited by: 5)
Abstract: Eavesdropping attacks are a major threat to traditional network communication. Because this kind of attack is stealthy and untraceable, it is barely detectable by passive defense approaches based on feature detection or static configuration. Existing encryption and dynamic address methods can only confuse part of the fields of network protocols, so they cannot form comprehensive protection. Therefore, a moving target defense (MTD) method utilizing the protocol customization ability of protocol-oblivious forwarding (POF) is proposed, built on two strategies: private protocol packet randomization, and random dropping of deception packets on dynamic paths. It can greatly increase the difficulty of implementing a network eavesdropping attack and protect the privacy of the network communication process. Experiments and comparative studies show its efficiency.
Source: Journal on Communications (《通信学报》; indexed in EI, CSCD, PKU Core), 2018, No. 2, pp. 73-87 (15 pages)
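Funding: National Key Research and Development Program of China (No.2017YFB1010000); National High Technology Research and Development Program of China ("863" Program) (No.2015AA016106); "Youth Star" Program of the Institute of Information Engineering, Chinese Academy of Sciences (No.Y7Z0201105); National Natural Science Foundation of China (No.61471141); Shenzhen Technology Research Fund (No.JSGG20160427185010977)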
Keywords: moving target defense, eavesdropping attack, protocol randomization, cyber space deception, protocol-oblivious forwarding