Research and analysis on spatial adaptive strategy of End-hopping system

In this paper, a spatial adaptive strategy for End-hopping systems is proposed, based on the study of attack-defense models. It has been conceived as a combination of adaptive and End-hopping technologies. Modules such as attack detection, feedback transmission and adaptive control are added to the original End-hopping system model. Then, guidance is put forward for next hop with the help of real-time evaluation on each hopping node. Furthermore, investigations are provided on how to adjust related parameters automatically, according to the network communication status and the degree according to which the nodes are attacked. The new system can maintain good service efficiency as well as high security. This technique is applied to the End-hopping prototype system. By presenting different attack experiments on a prototype system, the feasibility and effectiveness of such End-hopping technique are shown.

[1]  Idit Keidar,et al.  Keeping Denial-of-Service Attackers in the Dark , 2007, IEEE Trans. Dependable Secur. Comput..

[2]  Steffen Wendzel,et al.  Design and Implementation of an Active Warden Addressing Protocol Switching Covert Channels , 2012 .

[3]  Ehab Al-Shaer,et al.  Toward Network Configuration Randomization for Moving Target Defense , 2011, Moving Target Defense.

[4]  H.C.J. Lee,et al.  Port hopping for resilient networks , 2004, IEEE 60th Vehicular Technology Conference, 2004. VTC2004-Fall. 2004.

[5]  Tomas Olovsson,et al.  Mapping Systems Security Research at Chalmers , 2011, 2011 First SysSec Workshop.

[6]  Ehab Al-Shaer,et al.  Openflow random host mutation: transparent moving target defense using software defined networking , 2012, HotSDN '12.

[7]  Zhang Fu Mitigating Distributed Denial-of-Service Attacks: Application-Defense and Network-Defense Methods , 2011, 2011 Seventh European Conference on Computer Network Defense.

[8]  Sebastian Zander,et al.  Detecting protocol switching covert channels , 2012, 37th Annual IEEE Conference on Local Computer Networks.

[9]  David Hutchison,et al.  Network address hopping: a mechanism to enhance data protection for packet communications , 2005, IEEE International Conference on Communications, 2005. ICC 2005. 2005.

[10]  Chunfu Jia,et al.  Research on Spatial Adaptive Strategy of End-Hopping System , 2013, 2013 Fourth International Conference on Emerging Intelligent Data and Web Technologies.

[11]  Idit Keidar,et al.  An Empirical Study of Denial of Service Mitigation Techniques , 2008, 2008 Symposium on Reliable Distributed Systems.

[12]  Lu Kai Plug-in policy for DoS attack defense mechanism based on end hopping , 2009 .