MT6D: A Moving Target IPv6 Defense

Dunlop, Matthew; Groat, Stephen; Urbanski, William; Marchany, Randy; Tront, Joseph G.

doi:10.1109/milcom.2011.6127486

Cited by 146 publications

(73 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…HIDE (Host IDEntify anonymization) is an MTD technology that uses a honeypot cloud based on RHM and adds the concepts of fingerprint mutation and decoy node operation [11]. Moving target IPv6 defense (MT6D) is a technology for generating addresses using a cryptographic algorithm with timestamps in an IPv6-based network environment [12]. Decoy-enhanced seamless IP randomization (DESIR) undertakes seamless connection migration to prevent service disconnections due to server address changes [13].…”

Section: Related Workmentioning

confidence: 99%

Secure Cyber Deception Architecture and Decoy Injection to Mitigate the Insider Threat

et al. 2018

View full text Add to dashboard Cite

Abstract:We propose a novel dynamic host mutation (DHM) architecture based on moving target defense (MTD) that can actively cope with cyberattacks. The goal of the DHM is to break the cyber kill chain, expand the attack surface to increase the attacker's target analysis cost, and disrupt the attacker's fingerprinting to disable the server trace. We define the participating entities that share the MTD policy within the enterprise network or the critical infrastructure, and define functional modules of each entity for DHM enforcement. The threat model of this study is an insider threat of a type not considered in previous studies. We define an attack model considering an insider threat and propose a decoy injection mechanism to confuse the attacker. In addition, we analyze the security of the proposed structure and mechanism based on the security requirements and propose a trade-off considering security and availability.

show abstract

Section: Related Workmentioning

confidence: 99%

Secure Cyber Deception Architecture and Decoy Injection to Mitigate the Insider Threat

et al. 2018

View full text Add to dashboard Cite

show abstract

“…Badishi et al [6] proposed a random port-hopping scheme to defend against DDoS attacks by changing the communication ports. Dunlop et al [7] developed a Moving Target IPv6 Defense (MT6D) that leverages the immense address space of IPv6, which can maintain user privacy and protect against targeted network attacks by repeatedly rotating the addresses of both the sender and receiver. Morrell et al [8] modified the MT6D protocol, leveraging a distributed hash tablebased blind rendezvous scheme.…”

Section: Related Workmentioning

confidence: 99%

A Defense Mechanism of Random Routing Mutation in SDN

Liu

Zhang

Guo³

2017

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYFocused on network reconnaissance, eavesdropping, and DoS attacks caused by static routing policies, this paper designs a random routing mutation architecture based on the OpenFlow protocol, which takes advantages of the global network view and centralized control in a software-defined network. An entropy matrix of network traffic characteristics is constructed by using volume measurements and characteristic measurements of network traffic. Random routing mutation is triggered according to the result of network anomaly detection, which using a wavelet transform and principal component analysis to handle the above entropy matrix for both spatial and temporal correlations. The generation of a random routing path is specified as a 0-1 knapsack problem, which is calculated using an improved ant colony algorithm. Theoretical analysis and simulation results show that the proposed method not only increases the difficulty of network reconnaissance and eavesdropping but also reduces the impact of DoS attacks on the normal communication in an SDN network.

show abstract

“…Dunlop et al [17] develop the Moving Target IPv6 Defense (MT6D), which takes advantage of IPv6 networks allowing nodes to advertise their own addresses. MT6D encapsulates TCP in UDP to prevent TCP connection disruptions from address rotations, and rotates address using a new computed obscured IPv6 header (i.e.…”

Section: Related Workmentioning

confidence: 99%

RPAH: A Moving Target Network Defense Mechanism Naturally Resists Reconnaissances and Attacks

Luo

Wang

Zhang

et al. 2017

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYNetwork servers and applications commonly use static IP addresses and communication ports, making themselves easy targets for network reconnaissances and attacks. Moving target defense (MTD) is an innovatory and promising proactive defense technique. In this paper, we develop a novel MTD mechanism, called Random Port and Address Hopping (RPAH). The goal of RPAH is to hide network servers and applications and resist network reconnaissances and attacks by constantly changing their IP addresses and ports. In order to enhance the unpredictability, RPAH integrates source identity, service identity and temporal parameter in the hopping to provide three hopping frequencies, i.e., source hopping, service hopping and temporal hopping. RPAH provides high unpredictability and the maximum hopping diversities by introducing port and address demultiplexing mechanism, and provides a convenient attack detection mechanism with which the messages from attackers using invalid or inactive addresses/ports will be conveniently detected and denied. Our experiments and evaluation on campus network and PlanetLab show that RPAH is effective in resisting various network reconnaissance and attack models such as network scanning and worm propagation, while introducing an acceptable operation overhead. key words: port and address hopping, moving target defense, network security, reconnaissance

show abstract

MT6D: A Moving Target IPv6 Defense

Cited by 146 publications

References 6 publications

Secure Cyber Deception Architecture and Decoy Injection to Mitigate the Insider Threat

Secure Cyber Deception Architecture and Decoy Injection to Mitigate the Insider Threat

A Defense Mechanism of Random Routing Mutation in SDN

RPAH: A Moving Target Network Defense Mechanism Naturally Resists Reconnaissances and Attacks

Contact Info

Product

Resources

About