Visible to the public Security and Performance Assessment of IP Multiplexing Moving Target Defence in Software Defined Networks

TitleSecurity and Performance Assessment of IP Multiplexing Moving Target Defence in Software Defined Networks
Publication TypeConference Paper
Year of Publication2019
AuthorsDishington, Cole, Sharma, Dilli P., Kim, Dong Seong, Cho, Jin-Hee, Moore, Terrence J., Nelson, Frederica F.
Conference Name2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)
KeywordsAnalytical models, comparison techniques, computer network security, flexible random virtual IP multiplexing, frequent address mutation, FRVM, IP multiplexing moving target defence, IP networks, Metrics, Moving Target Defence, moving target defence technique, moving target defense, MTD techniques, Multiplexing, network attacks, network configurations, Performance, performance overhead, performance trade-offs, Probes, Protocols, pubcrawl, realistic evaluation, Reconnaissance, resilience, Resiliency, Scalability, security, security benefit, security techniques, Servers, Software Defined Network, software defined networking, Software Defined Networks, virtualisation, virtualised network
AbstractWith the interconnection of services and customers, network attacks are capable of large amounts of damage. Flexible Random Virtual IP Multiplexing (FRVM) is a Moving Target Defence (MTD) technique that protects against reconnaissance and access with address mutation and multiplexing. Security techniques must be trusted, however, FRVM, along with past MTD techniques, have gaps in realistic evaluation and thorough analysis of security and performance. FRVM, and two comparison techniques, were deployed on a virtualised network to demonstrate FRVM's security and performance trade-offs. The key results include the security and performance trade-offs of address multiplexing and address mutation. The security benefit of IP address multiplexing is much greater than its performance overhead, deployed on top of address mutation. Frequent address mutation significantly increases an attackers' network scan durations as well as effectively obfuscating and hiding network configurations.
DOI10.1109/TrustCom/BigDataSE.2019.00046
Citation Keydishington_security_2019