Securing Control and Data Planes From Reconnaissance Attacks Using Distributed Shadow Controllers, Reactive and Proactive Approaches
نویسندگان
چکیده
Moving Target Defense (MTD) is an emerging proactive Cyber Security approach. MTD constantly changes the attack surface for making cyber-attacks difficult invaders. Software Defined Networking(SDN) provides dynamic network design capabilities with its centralized control plane. In this paper, SMCDS (SDN based and data planes Security) has been proposed. The framework safeguards against reconnaissance attacks targeted at both planes. concept of distributed shadow controllers introduced securing effect created through use that respond to malicious probing traffic in place actual controller. availability plane enhanced used these as well. proposed adopts reactive approaches servers connected approach capitalizes technique providing defense attacks. security enhancement IP port shuffling. novelty capability provide protection by exploiting SDN was evaluated terms attacker effort, defender cost. From results, it can be observed a low computational prototype implemented using Mininet emulator ONOS
منابع مشابه
QoS-aware composite scheduling using fuzzy proactive and reactive controllers
We consider in this paper downlink scheduling for different traffic classes at the MAC layer of wireless systems based on orthogonal frequency division multiple access (OFDMA), such as the recent 3rd Generation Partnership Project (3GPP) long-term evolution (LTE)/LTE-A wireless standard. Our goal is to provide via the scheduling decisions quality of service (QoS), but also to guarantee fairness...
متن کاملProactive and reactive inhibitory control in rats
Inhibiting actions inappropriate for the behavioral context, or inhibitory control, is essential for survival and involves both reactively stopping the current prepared action and proactively adjusting behavioral tendencies to increase future performance. A powerful paradigm widely used in basic and clinical research to study inhibitory control is the stop signal task (SST). Recent years have s...
متن کاملSecuring Manet from Blackhole and Wormhole Attacks
Mobile Ad-Hoc networks are self-configuring and self-organizing multi-hop wireless networks. They do not have any fixed infrastructure or centralized management. Due to this, the ad hoc networks are vulnerable to attacks. The routing protocol for MANET considered in this paper is AODV(Ad hoc On-demand Distance Vector Routing Protocol). Blackhole and Wormhole nodes are malicious nodes which degr...
متن کاملChanging proxy-server identities as a proactive moving-target defense against reconnaissance for DDoS attacks
We consider a cloud based multiserver system consisting of a set of replica application servers behind a set of proxy (indirection) servers which interact directly with clients over the Internet. We study a proactive moving-target defense to thwart an attacker’s reconnaissance phase and consequently decreases the success rate of the planned attack. The moving-target defense is a dynamic identit...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE Access
سال: 2021
ISSN: ['2169-3536']
DOI: https://doi.org/10.1109/access.2021.3055577