Web of Proceedings - Francis Academic Press

OpenHIP Random Host Hopping in Network Layer

DOI: 10.25236/icemit.2019.048

Author(s)

Li Kechao, Xiong Xinli

Corresponding Author

Li Kechao

Abstract

Reconnaissance of IP addresses and communication ports is a prerequisite to network attacks. Static configurations give the intruder a great advantage in discovering network targets and launching attacks. In this paper, we present a novel approach that turns end-hosts into unpredictable moving targets by transparently transforming their IP addresses or ports intelligently and randomly without sacrificing network performance. OpenHIP is used to develop an MTD architecture that mutates the real IP addresses of the host at a high rate or replaces a real port value in the packet with a dynamically changing virtual port. The presented technique is called Random Host Hopping (RHH). Our implementation and evaluation show that RHH can effectively defend against scanning-based attacks and performs well in a practical network setup for moving target defense.

Keywords

Moving target defense (MTD), OpenHIP, end-hopping, network security