The Design and Research for Network Address Space Randomization in OpenFlow Network
The Design and Research for Network Address Space Randomization in OpenFlow Network作者机构:State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China
出 版 物:《Journal of Computer and Communications》 (电脑和通信(英文))
年 卷 期:2015年第3卷第5期
页 面:203-211页
学科分类:081203[工学-计算机应用技术] 08[工学] 0835[工学-软件工程] 0812[工学-计算机科学与技术(可授工学、理学学位)]
主 题:IP Conversion OpenFlow Moving Target Defense Floodlight Hitlist Worms
摘 要:By allocating IP address and changing IP address in source and destination hosts, network address space randomization is committed to construct a dynamic and heterogeneous network to decrease the attacking possibility and predictability. The research mainly deploys the features of OpenFlow network including data plane and control plane decoupling, centralized control of the network and dynamic updating of forwarding rules, combines the advantages of the network address space randomization technology with the features of the OpenFlow network, and designs a novel resolution towards IP conversion in Floodlight controller. The research can help improve the unpredictability and decrease the possibility of worm attacking and IP sniffing by IP allocation.
维普期刊数据库