Open AccessTowards Countering the Insider Reconnaissance Using a Combination of Shuffling and Diversity Moving Target Defense Techniques
Author(s) -
Muhammad Faraz Hyder,
. Waseemullah,
M. Farooq
Publication year - 2021
Publication title -
engineering, technology and applied science research/engineering, technology and applied science research
Language(s) - English
Resource type - Journals
eISSN - 2241-4487
pISSN - 1792-8036
DOI - 10.48084/etasr.4417
Subject(s) - shuffling , computer science , insider , insider threat , computer network , implementation , computer security , server , distributed computing , software engineering , political science , law , programming language
Moving Target Defense (MTD) has recently emerged as a significant cybersecurity technique. Software-Defined Networking (SDN) has the capability to design efficient network architecture due to its programmability and centralized control management. In this paper, a mechanism for the protection against insider reconnaissance has been proposed using a combination of diversity and a shuffling-based approach of MTD. In order to implement the shuffling technique, IP shuffling is used in the insider network. The IP addresses of internal hosts are mapped via real to virtual IP mapping through random IP generation from a pseudo-random mechanism. For the diversity, a multiple servers’ platform is incorporated for different critical LAN services like Domain Name System (DNS), internal web services, etc. This combined diversity and shuffling approach significantly counters the insider reconnaissance targeting critical LAN services. The proposed scheme also exploited open-source IDS to block insider reconnaissance. The proposed solution was implemented using ONOS SDN controller, Mininet simulator, Snort IDS systems. The experimental results substantiate effective protection against insider network reconnaissance at a low computational cost.