Research Article
A SDN Proactive Defense Scheme Based on IP and MAC Address Mutation
377 downloads
@INPROCEEDINGS{10.1007/978-3-319-72998-5_6, author={Liancheng Zhang and Zhenxing Wang and Jiabao Fang and Yi Guo}, title={A SDN Proactive Defense Scheme Based on IP and MAC Address Mutation}, proceedings={Wireless Internet. 9th International Conference, WICON 2016, Haikou, China, December 19-20, 2016, Proceedings}, proceedings_a={WICON}, year={2018}, month={1}, keywords={Address mutation Address hopping Software defined network Moving target defense Proactive defense}, doi={10.1007/978-3-319-72998-5_6} }- Liancheng Zhang
Zhenxing Wang
Jiabao Fang
Yi Guo
Year: 2018
A SDN Proactive Defense Scheme Based on IP and MAC Address Mutation
WICON
Springer
DOI: 10.1007/978-3-319-72998-5_6
Abstract
Existing address hopping technologies are hard to be deployed and implemented, at the same time, they only randomly hop IP address information of one communication node or both communication nodes, so they can’t protect their identifications on data link layer. In order to deal with these problems, a SDN proactive defense scheme based on IP and MAC address mutation is proposed, which realizes IP and MAC address mutation along the transmission path by installing corresponding address mutation flow entries to intermediate OpenFlow switches. Theoretical analysis and experimental results show that this scheme can resist network interception and analysis attack with a relatively low transmission and processing costs.
Copyright © 2016–2024 EAI