A Novel Moving Target Defense Technique to Secure Communication Links in Software-Defined Networks

Title: A Novel Moving Target Defense Technique to Secure Communication Links in Software-Defined Networks
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Almohaimeed, A., Asaduzzaman, A.
Conference Name: 2019 Fifth Conference on Mobile and Secure Services (MobiSecServ)
Keywords: centralized orientation, communication environment, communication links, Computer Network Attacks, computer network management, computer network security, computer networking, Data models, data protection, IP networks, message transmission, moving target defense, moving target defense (MTD), MTD model, MTD-based security model, network architecture, network control, network device, network intruders, network management, novel moving target defense technique, OpenFlow, Predictive Metrics, pubcrawl, Receivers, Resiliency, Routing, Scalability, SDN security model, secure communication, secure communication links, security, security solution, sensitive data leakages, software-defined networking, Software-defined networking (SDN), Software-Defined Networks, Switches, transmitted messages, user identities, user privacy protection, work-in-progress research
Abstract: Software-defined networking (SDN) is a recently developed approach to computer networking that brings a centralized orientation to network control, thereby improving network architecture and management. However, as with any communication environment that involves message transmission among users, SDN is confronted by the ongoing challenge of protecting user privacy. In this "Work in Progress (WIP)" research, we propose an SDN security model that applies the moving target defense (MTD) technique to protect communication links from sensitive data leakages. MTD is a security solution aimed at increasing complexity and uncertainty for attackers by concealing sensitive information that may serve as a gateway from which to launch different types of attacks. The proposed MTD-based security model is intended to protect user identities contained in transmitted messages in a way that prevents network intruders from identifying the real identities of senders and receivers. According to the results from preliminary experiments, the proposed MTD model has potential to protect the identities contained in transmitted messages within communication links. This work will be extended to protect sensitive data if an attacker gets access to the network device.
Citation Key: almohaimeed_novel_2019