z-logo
open-access-imgOpen Access
Towards Enhancing the Endpoint Security using Moving Target Defense (Shuffle-based Approach) in Software Defined Networking
Author(s) -
Muhammad Faraz Hyder,
. Waseemullah,
M. Farooq,
Usman Ahmed,
Wasim Raza
Publication year - 2021
Publication title -
engineering, technology and applied science research/engineering, technology and applied science research
Language(s) - English
Resource type - Journals
eISSN - 2241-4487
pISSN - 1792-8036
DOI - 10.48084/etasr.4316
Subject(s) - computer science , computer network , software defined networking , network security , computer security , host (biology) , virtual network , software , ip address spoofing , distributed computing , internet protocol , ip address management , the internet , operating system , ecology , biology
Static IP addresses make the network vulnerable to different attacks and once the machines are compromised, any sensitive information within the network can be spoofed. Moving Target Defense (MTD) provides an efficient mechanism for proactive security by constantly changing different system attributes. Software Defined Networks (SDNs) provide greater flexibility in designing security solutions due to their centralized management and programming capabilities. In this paper, a mechanism for the protection of endpoint security is developed using IP address host shuffling. In the proposed approach, the real IP address of the host is masked and a virtual IP address is assigned. The virtual IPs are mined from the pool of unassigned IP addresses. The address pool is created using a pseudo-random number generator to guarantee high randomness. This approach helps in invalidating the intelligence gathered by the adversaries through the changes in the network configuration that will disturb attack execution, eventually leading to attack failure. Transparency is attained via preserving the actual IP intact and mapping a virtual IP to it. The proposed solution is implemented using the RYU Controller and Mininet. The efficient results obtained from the experiments substantiate the effectiveness of the MTD approach for enhancing endpoint security.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.
Having issues? You can contact us here