OpenFlow Random Host Mutation: Transparent Moving Target Defense Using Software Defined Networking

Free registration required

Executive Summary

Static configurations serve great advantage for adversaries in discovering network targets and launching attacks. Identifying active IP addresses in a target domain is a precursory step for many attacks. Frequently changing hosts' IP addresses is a novel proactive Moving Target Defense (MTD) that hides network assets from external/internal scanners. In this paper, the authors use OpenFlow to develop a MTD architecture that transparently mutates IP addresses with high unpredictability and rate, while maintaining configuration integrity and minimizing operation overhead.

  • Format: PDF
  • Size: 574.1 KB