TPAH: a universal and multi-platform deployable port and address hopping mechanism

Port and address hopping is a novel proactive defense technology motivated by frequency hopping, and it is an important and effective component of moving target defense. In this paper, we propose a new technique, called TAP-based Port and Address Hopping (TPAH), which is a universal port and address hopping mechanism fully compatible with the various current mainstream operating system (OS) platforms. The main strength of this mechanism lies in the simplification of both service hiding and attack resistance. We performed experimental analysis and tests on an actual implementation to study the effectiveness and the overhead of the mechanism against port scanning and DoS flooding attacks. Our experiments show that the proposed port and address hopping mechanism is effective in mitigating and thwarting various malicious attacks, while introducing a low overhead.