通信学报2017,Vol.38Issue(10):102-112,11.DOI:10.11959/j.issn.1000-436x.2017202
基于OpenFlow的网络层移动目标防御方案
Moving target defense solution on network layer based on OpenFlow
摘要
Abstract
In order to take an active part in network attack and defense, a moving target defense solution on network layer based on OpenFlow was proposed, using the flexibility of network brought by OpenFlow network architecture. On the network layer, through mapping the correspondent nodes' addresses to pseudo-random virtual addresses in the LAN and mapping correspondent nodes' ports to virtual ports, achieving the hiding of correspond nodes in the whole network and the information of network architecture. Researches verify the system's effectiveness. Comparing with existing moving target defense solutions, the proposed algorithm can be deployed easily in the traditional network, and realize compre-hensive protection of the corresponding in the whole network.关键词
主动防御/OpenFlow/移动目标防御Key words
active defense/OpenFlow/moving target defense分类
信息技术与安全科学引用本文复制引用
胡毅勋,郑康锋,杨义先,钮心忻..基于OpenFlow的网络层移动目标防御方案[J].通信学报,2017,38(10):102-112,11.基金项目
国家重点研发计划基金资助项目(No.2017YFB0802703) (No.2017YFB0802703)
国家自然科学基金资助项目(No.61602052)The National Key Research and Development Program of China (No.2017YFB0802703), The National Natural Science Foundation of China (No.61602052) (No.61602052)
