Chaos moving target defense method based on SDN and system thereof

A moving target defense technology, applied in the field of SDN-based Chaos moving target defense methods and systems. It addresses problems such as the lack of flexibility of uniform confusion protection for host communication and its tendency to attract the attention of malicious attackers, and has the effect of reducing confusion cost and improving confusion efficiency.

Active Publication Date: 2015-12-09
WUHAN UNIV

AI Technical Summary

Problems solved by technology

[0006] Since the above-mentioned schemes apply the same obfuscation protection to all host communications in the intranet, an enterprise lacks flexibility in defending against malicious attackers, and the protection easily attracts the attention of malicious attackers.

Embodiment Construction

[0052] To help those of ordinary skill in the art understand and implement the present invention, it is described in further detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the implementation examples described here are only used to illustrate and explain the present invention, and are not intended to limit it.

[0053] The SDN-based Chaos moving target defense method provided by the present invention includes a random IP defense method and a confusion defense method. The present invention uses a Chaos tower structure to classify the hosts in a large network by degree of importance, and uses a traffic legality algorithm to analyze, according to the Chaos tower structure, the communication flow between the two current hosts and judge whether the access between the two hosts is legal;

[0054] If the access between the two hosts is legal, the random ...


Abstract

The invention discloses an SDN-based Chaos moving target defense method and a system thereof. By using a Chaos tower algorithm, a confusion defense method and a random IP defense method, the network system presents a confused and dynamically changing view to requesters. To this end, the system uses a Chaos tower structure to grade the hosts of the network by degree of importance. Confusion defense applies graded confusion to illegal access: the returned information is confused according to the confusion index so that attackers receive false information, and when the confusion index is excessively high, communication is blocked directly. Random IP defense is applied to legal network traffic: the controller periodically issues flow tables that randomly convert the IP addresses of legal communication within the intranet. Network equipment in the area has extremely high anonymity and fluctuation while normal information exchange efficiency is guaranteed, so that probing by intruders can be defended against, attack range is widened and attack cost is increased.
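The per-flow decision the abstract describes can be sketched as follows. This is an added example, not code from the patent: the tower levels, the allowed-pair legality policy, the confusion index formula, the block threshold and the HMAC-keyed address permutation are all assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress

# Constructed sample data; the page gives no concrete levels, policy or thresholds.
TOWER = {"10.0.0.10": 3, "10.0.0.20": 2, "10.0.0.30": 1}  # host -> importance level
ALLOWED = {("10.0.0.20", "10.0.0.10"), ("10.0.0.30", "10.0.0.20")}  # assumed legal pairs
VIRTUAL_POOL = ipaddress.ip_network("172.16.0.0/24")  # assumed virtual address pool
BLOCK_THRESHOLD = 3  # assumed cut-off at which traffic is dropped
SECRET = b"constructed-controller-key"


def period_mapping(period: int) -> dict:
    """Collision-free real -> virtual IP map for one rotation period."""
    key = hmac.new(SECRET, str(period).encode(), hashlib.sha256).digest()
    # Keyed permutation of the pool: order addresses by their HMAC under the period key.
    pool = sorted((str(a) for a in VIRTUAL_POOL.hosts()),
                  key=lambda a: hmac.new(key, a.encode(), hashlib.sha256).digest())
    return dict(zip(sorted(TOWER), pool))


def confusion_index(src: str, dst: str) -> int:
    """Assumed index: how many tower levels the requester reaches above its own."""
    return max(TOWER.get(dst, 0) - TOWER.get(src, 0), 0)


def decide(src: str, dst: str, period: int) -> dict:
    """Return the action the controller would encode in its flow rule."""
    if (src, dst) in ALLOWED:
        # Legal traffic: both endpoints are rewritten to this period's virtual IPs.
        vmap = period_mapping(period)
        return {"action": "rewrite", "src": vmap[src], "dst": vmap[dst]}
    index = confusion_index(src, dst)
    if index >= BLOCK_THRESHOLD:
        return {"action": "block", "index": index}
    # Illegal but below the threshold: answer with false information graded by index.
    return {"action": "confuse", "index": index}


if __name__ == "__main__":
    for flow in [("10.0.0.20", "10.0.0.10"), ("10.0.0.30", "10.0.0.10"),
                 ("192.168.9.9", "10.0.0.10")]:
        print(flow, decide(*flow, period=0))
```

Deriving the permutation from a per-period key keeps the mapping collision-free and reproducible by the controller while remaining unpredictable to a host that does not hold the key.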

Description

Technical field

[0001] The invention belongs to the technical field of the Internet, and in particular relates to a novel SDN-based Chaos moving target defense method and system.

Background technique

[0002] Intranet security has become a new hot spot in information security. Survey data show that 63.6% of enterprise users in my country are at the "high risk" level, and the economic losses caused by network leaks are as high as tens of billions each year. Although most enterprises attach great importance to the issue of intranet security management, and investment in intranet security continues to increase, intranet security is still severe.

[0003] Today's enterprise intranets are mostly built on static systems, so those intranet attack tools are also tailored for static networks, such as Nmap, worms, and Cain. Moreover, the cost of intranet security defense is seriously disproportionate to the efforts of malicious attackers to break through the network. Intranet defe...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/1408
Inventor: 王鹃肖峰文茹黄坚伟林丽丽樊成阳
Owner: WUHAN UNIV