OpenFlow Random Host Mutation: Transparent Moving Target Defense Using Software Defined Networking

Source: Association for Computing Machinery

Static configurations give adversaries a great advantage in discovering network targets and launching attacks. Identifying active IP addresses in a target domain is a precursory step for many attacks. Frequently changing hosts' IP addresses is a novel proactive Moving Target Defense (MTD) that hides network assets from external and internal scanners. In this paper, the authors use OpenFlow to develop an MTD architecture that transparently mutates IP addresses at a high rate and with high unpredictability, while maintaining configuration integrity and minimizing operational overhead.
Format: PDF
Size: 574.10
Date: Aug 2012