
Proceedings of the 20th Conference on Computer Science and Intelligence Systems (FedCSIS)

Annals of Computer Science and Information Systems, Volume 43

Hybrid mutation MTD solution with dedicated SDN agents


DOI: http://dx.doi.org/10.15439/2025F3136

Citation: Proceedings of the 20th Conference on Computer Science and Intelligence Systems (FedCSIS), M. Bolanowski, M. Ganzha, L. Maciaszek, M. Paprzycki, D. Ślęzak (eds). ACSIS, Vol. 43, pages 145–154


Abstract. Reconnaissance is a crucial stage of cyberattacks, enabling attackers to gather information about system vulnerabilities. In computer networks, data regarding addressing and transmission paths is especially sensitive. This paper introduces a concept for a hybrid mutation system based on Software Defined Networking (SDN), combining address and data path mutation to improve security. The system employs central network management and pseudorandom, temporary addressing, which is periodically reconfigured. In contrast to existing Moving Target Defense (MTD) address mutation methods, end devices connect through dedicated agents, which can be implemented using a SmartNIC. The agent modifies packet headers at the network edge to obfuscate address information, minimizing the processing burden on SDN switches inside the network. The objective is to hinder attackers from discovering network details that could be exploited. A prototype was implemented using typical SDN components and containerized end devices. Tests confirmed the system's correctness and effectiveness in protecting the network structure and communication paths. This approach enhances the confidentiality of network parameters and limits the information available to potential attackers, making reconnaissance significantly more difficult, while minimizing SDN network control overhead.
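As an added illustration (not code from the paper or its prototype), the following Python simulation shows the header rewriting an edge agent performs under epoch-based pseudorandom address mutation: real addresses are replaced by temporary virtual ones on the way into the network core and restored on the way out, so only the virtual addresses, which change every epoch, are visible inside the network. The 60-second period, the 10-second grace window for packets still in flight at an epoch boundary, the address pool and the host addresses are all assumptions. The paper's controller distributes the mapping centrally; here every agent derives the same table from a shared key so the example runs stand-alone.

```python
"""Constructed example: epoch-based address mutation at a network edge agent.

Not the paper's code. Period, grace window, pool and hosts are assumed values.
"""
from __future__ import annotations

import hashlib
import hmac
import ipaddress
import random
from dataclasses import dataclass, replace

EPOCH_SECONDS = 60   # assumed reconfiguration period of the virtual addressing
GRACE_SECONDS = 10   # assumed window in which the previous epoch is still accepted


@dataclass(frozen=True)
class Packet:
    """Minimal stand-in for an IP header plus payload."""
    src: str
    dst: str
    payload: bytes


def epoch_for(now: float) -> int:
    """Epoch counter derived from wall-clock time."""
    return int(now // EPOCH_SECONDS)


def mutation_table(key: bytes, epoch: int, hosts, pool: ipaddress.IPv4Network) -> dict[str, str]:
    """Controller-side derivation of the real -> virtual mapping for one epoch.

    Even and odd epochs draw from disjoint halves of the pool, so a virtual
    address observed during the changeover is never ambiguous between two
    adjacent epochs. The permutation is pseudorandom: seeded from an HMAC of
    the epoch under the controller key, so agents holding the key agree on it.
    """
    half = list(pool.subnets(prefixlen_diff=1))[epoch % 2]
    candidates = list(half.hosts())
    if len(candidates) < len(hosts):
        raise ValueError("virtual address pool too small for the host set")
    seed = hmac.new(key, f"epoch:{epoch}".encode(), hashlib.sha256).digest()
    rng = random.Random(int.from_bytes(seed, "big"))
    picks = rng.sample(candidates, len(hosts))
    return {real: str(virt) for real, virt in zip(sorted(hosts), picks)}


class EdgeAgent:
    """Agent sitting between an end device and the SDN core (e.g. on a SmartNIC)."""

    def __init__(self, key: bytes, hosts, pool: ipaddress.IPv4Network):
        self.key, self.hosts, self.pool = key, frozenset(hosts), pool

    def _tables(self, now: float) -> tuple[dict[str, str], dict[str, str]]:
        e = epoch_for(now)
        return (mutation_table(self.key, e, self.hosts, self.pool),
                mutation_table(self.key, e - 1, self.hosts, self.pool))

    def to_core(self, pkt: Packet, now: float) -> Packet:
        """Ingress: rewrite both addresses to the current epoch's virtual ones."""
        cur, _ = self._tables(now)
        return replace(pkt, src=cur[pkt.src], dst=cur[pkt.dst])

    def from_core(self, pkt: Packet, now: float) -> Packet | None:
        """Egress: restore real addresses, or drop (None) if the packet carries
        virtual addresses from a stale epoch."""
        cur, prev = self._tables(now)
        inverse = {v: r for r, v in cur.items()}
        if now % EPOCH_SECONDS < GRACE_SECONDS:          # still in the grace window
            inverse.update({v: r for r, v in prev.items()})
        src, dst = inverse.get(pkt.src), inverse.get(pkt.dst)
        if src is None or dst is None:
            return None
        return replace(pkt, src=src, dst=dst)


if __name__ == "__main__":
    agent = EdgeAgent(b"constructed-controller-key",
                      {"10.0.0.1", "10.0.0.2", "10.0.0.3"},
                      ipaddress.IPv4Network("10.200.0.0/24"))
    pkt = Packet("10.0.0.1", "10.0.0.2", b"hello")
    for t in (0.0, 61.0):
        print(f"t={t:5.1f} core sees", agent.to_core(pkt, t))
```

The round trip `to_core` followed by `from_core` within the same epoch restores the original packet; after the grace window a packet carrying the previous epoch's virtual addresses is dropped rather than misdelivered, which is the behaviour a defender wants when the mapping is rotated.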
