[NRG] Tomorrow: OpenFlow Random Host Mutation: Transparent Moving Target Defense using Software Defined Networking (Sanaz Bahargam)

Larissa Spinelli lspinell at bu.edu
Tue Apr 2 10:28:17 EDT 2013


*OpenFlow Random Host Mutation: Transparent Moving Target Defense using
Software Defined Networking*

*Wednesday April 3rd - 10am-11am*
*MCS 137, 111 Cummington Mall, Boston, MA 02215*

*Presenter:* Sanaz Bahargam

*Abstract:* Static configurations serve great advantage for adversaries in
discovering network targets and launching attacks. Identifying active IP
addresses in a target domain is a precursory step for many attacks.
Frequently changing hosts’ IP addresses is a novel proactive moving
target defense (MTD) that hides network assets from external/internal
scanners. In this paper, OpenFlow is used to develop a MTD architecture
that transparently mutates IP addresses with high unpredictability and
rate, while maintaining configuration integrity and minimizing operation
overhead. The presented technique is called OpenFlow Random Host Mutation
(OF-RHM) in which the OpenFlow controller frequently assigns each host a
random virtual IP that is translated to/from the real IP of the host. The
real IP remains untouched, so IP mutation is completely transparent to
end-hosts. Named hosts are reachable via the virtual IP addresses acquired
via DNS, but real IP addresses can be only reached by authorized
entities. OF-RHM can effectively defend against stealthy scanning, worm
propagation, and other scanning-based attack.
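
A small simulation of the real-IP/virtual-IP mapping the abstract describes, added here as an illustration and not taken from the paper or the announcement. The address ranges, the `MutationController` class, its method names and the seeded PRNG are all assumptions made for the example.

```python
import ipaddress
import random


class MutationController:
    """Toy stand-in for the controller's address-mutation logic (hypothetical)."""

    def __init__(self, real_ips, pool_cidr, authorized, seed=None):
        self.rng = random.Random(seed)  # seeded for repeatability; use a CSPRNG in practice
        self.pool = [str(ip) for ip in ipaddress.ip_network(pool_cidr).hosts()]
        self.real_ips = set(real_ips)
        self.authorized = set(authorized)  # sources allowed to address real IPs
        self.r2v, self.v2r = {}, {}
        self.mutate()

    def mutate(self):
        """Give every host a fresh virtual IP; the previous round's vIPs are not reused."""
        stale = set(self.v2r)
        fresh = [ip for ip in self.pool if ip not in stale and ip not in self.real_ips]
        chosen = self.rng.sample(fresh, len(self.real_ips))
        self.r2v = dict(zip(sorted(self.real_ips), chosen))
        self.v2r = {v: r for r, v in self.r2v.items()}

    def dns_answer(self, real_ip):
        """Address handed out for a named host: its current virtual IP."""
        return self.r2v[real_ip]

    def inbound(self, src, dst):
        """Return the real destination to forward to, or None to drop the packet."""
        if dst in self.v2r:
            return self.v2r[dst]  # vIP -> rIP translation at the switch
        if dst in self.real_ips and src in self.authorized:
            return dst  # real IPs answer only to authorized entities
        return None  # stale vIP, unused address, or unauthorized rIP access

    def outbound(self, src_real):
        """Rewrite the source so the real IP never appears outside the host."""
        return self.r2v[src_real]


def demo():
    # Constructed sample network: two hosts, one authorized management source.
    ctl = MutationController(["192.168.1.10", "192.168.1.11"], "10.0.0.0/24",
                             authorized={"192.168.1.1"}, seed=7)
    old_vip = ctl.dns_answer("192.168.1.10")
    before = ctl.inbound("203.0.113.5", old_vip)  # reachable via current vIP
    ctl.mutate()
    after = ctl.inbound("203.0.113.5", old_vip)   # scanner's cached vIP is now dead
    return old_vip, before, after, ctl.dns_answer("192.168.1.10")


if __name__ == "__main__":
    print(demo())
```

An address a scanner collected before a mutation stops resolving to any host afterwards, while the host's own configuration (its real IP) never changes.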