Toward Network Configuration Randomization for Moving Target Defense
This chapter presents a moving target defense architecture called Mutable Networks, or MUTE. MUTE enables networks to change their configurations, such as IP addresses and routes, randomly and dynamically while preserving the requirements and integrity of network operation. The main goal of MUTE is to hinder the adversary’s capabilities in scanning or discovering network targets, launching DoS attacks, and creating botnet structures. The chapter also presents the challenges and applications of moving target defense, along with a formal approach for creating valid mutations of network configurations.