Implementation architecture of mimic security defense based on SDN
To deal with the attacks employing unknown security vulnerabilities or backdoors which are difficult for traditional defense techniques to eliminate,mimic security defense (MSD) that employs “dynamic,heterogeneity,redundancy (DHR)” mechanism can increase the difficulty and cost of attack and uncerta...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2017-10-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2017.00205 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841530260442578944 |
|---|---|
| author | Zhen-peng WANG Hong-chao HU Guo-zhen CHENG Chuan-hao ZHANG |
| author_facet | Zhen-peng WANG Hong-chao HU Guo-zhen CHENG Chuan-hao ZHANG |
| author_sort | Zhen-peng WANG |
| collection | DOAJ |
| description | To deal with the attacks employing unknown security vulnerabilities or backdoors which are difficult for traditional defense techniques to eliminate,mimic security defense (MSD) that employs “dynamic,heterogeneity,redundancy (DHR)” mechanism can increase the difficulty and cost of attack and uncertainty of system so as to improve network security.Based on the software defined networking (SDN),an implementation architecture of MSD was proposed.First,diverse functional equivalent variants for the protected target were constructed,then leverage the rich programmability and flexibility of SDN to realize the dynamic scheduling and decision-making functions on SDN controller.Simulation and experimental results prove the availability and the intrusion tolerant ability of the architecture. |
| format | Article |
| id | doaj-art-fb2a737634e24066b5c15c03d13dc0f5 |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2017-10-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-fb2a737634e24066b5c15c03d13dc0f52025-01-15T03:06:08ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2017-10-013526159551711Implementation architecture of mimic security defense based on SDNZhen-peng WANGHong-chao HUGuo-zhen CHENGChuan-hao ZHANGTo deal with the attacks employing unknown security vulnerabilities or backdoors which are difficult for traditional defense techniques to eliminate,mimic security defense (MSD) that employs “dynamic,heterogeneity,redundancy (DHR)” mechanism can increase the difficulty and cost of attack and uncertainty of system so as to improve network security.Based on the software defined networking (SDN),an implementation architecture of MSD was proposed.First,diverse functional equivalent variants for the protected target were constructed,then leverage the rich programmability and flexibility of SDN to realize the dynamic scheduling and decision-making functions on SDN controller.Simulation and experimental results prove the availability and the intrusion tolerant ability of the architecture.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2017.00205mimic security defensesoftware defined networkingactive defensedynamic heterogeneous redundancy |
| spellingShingle | Zhen-peng WANG Hong-chao HU Guo-zhen CHENG Chuan-hao ZHANG Implementation architecture of mimic security defense based on SDN 网络与信息安全学报 mimic security defense software defined networking active defense dynamic heterogeneous redundancy |
| title | Implementation architecture of mimic security defense based on SDN |
| title_full | Implementation architecture of mimic security defense based on SDN |
| title_fullStr | Implementation architecture of mimic security defense based on SDN |
| title_full_unstemmed | Implementation architecture of mimic security defense based on SDN |
| title_short | Implementation architecture of mimic security defense based on SDN |
| title_sort | implementation architecture of mimic security defense based on sdn |
| topic | mimic security defense software defined networking active defense dynamic heterogeneous redundancy |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2017.00205 |
| work_keys_str_mv | AT zhenpengwang implementationarchitectureofmimicsecuritydefensebasedonsdn AT hongchaohu implementationarchitectureofmimicsecuritydefensebasedonsdn AT guozhencheng implementationarchitectureofmimicsecuritydefensebasedonsdn AT chuanhaozhang implementationarchitectureofmimicsecuritydefensebasedonsdn |