Application Research of Computers, 2016, Vol. 33, Issue (10): 3083-3087, 5. DOI: 10.3969/j.issn.1001-3695.2016.10.047
Port hopping based SDN network defense technology
Abstract
Port hopping is a typical moving target defense technology that constantly changes the service port number to hide service identifiers and confuse potential attackers. Using the logically centralized control and network programmability of SDN, this paper proposes a port hopping based SDN network defense technology that uses the SDN controller to implement the port hopping function. The proposed technology not only reduces the load that port hopping places on the protected server, but also detects and filters malicious packets early. At the same time, it can defend against internal attackers. Theoretical analysis and experimental results show that the proposed technology can effectively resist DoS attacks without adding much load on the SDN controller.
Key words
software defined network / denial of service attack / port hopping / moving target defense / controller / timestamp feedback
Classification
Information Technology and Security Science
Cite this article
Tang Xiucun, Zhang Liancheng, Shi Xiaomin, Xu Lianghua. Port hopping based SDN network defense technology [J]. Application Research of Computers, 2016, 33(10): 3083-3087, 5.
Funding
National Natural Science Foundation of China, Young Scientists Fund (61402525, 61402526); National "863" Program project ()