L2/L3 Address Cooperative Mimicry Strategy Research Based on SDN

WANG Peng-chao; CHEN Fu-cai; CHENG Guo-zhen; CHEN Yang; GU Yun-jie

doi:10.3969/j.issn.0372-2112.2019.10.003

您当前的位置：

首页 >

文章列表页 >

L2/L3 Address Cooperative Mimicry Strategy Research Based on SDN

更新时间：2025-07-16

- L2/L3 Address Cooperative Mimicry Strategy Research Based on SDN
- Acta Electronica Sinica Vol. 47, Issue 10, Pages: 2032-2039(2019)
- 作者机构：
  
  国家数字交换系统工程技术研究中心,河南,郑州,450002
- 作者简介：
- 基金信息：
  
  Emerging Research Project of Information Engineering University (No.2016610708);National Natural Science Foundation of China (No.61602509);NSFC Innovation Research Group (No.61521003);National Key Research and Development Program of China (No.2016YFB0800100, No.2016YFB0800101)
- DOI：10.3969/j.issn.0372-2112.2019.10.003
  CLC： TP393.0
- Published Online：25 October 2019，
  
  Published：2019
- 稿件说明：
移动端阅览
WANG Peng-chao, CHEN Fu-cai, CHENG Guo-zhen, et al. L2/L3 Address Cooperative Mimicry Strategy Research Based on SDN[J]. Acta Electronica Sinica, 2019, 47(10): 2032-2039.
DOI：

WANG Peng-chao, CHEN Fu-cai, CHENG Guo-zhen, et al. L2/L3 Address Cooperative Mimicry Strategy Research Based on SDN[J]. Acta Electronica Sinica, 2019, 47(10): 2032-2039. DOI： 10.3969/j.issn.0372-2112.2019.10.003.

摘要

从网络内部探测目标终端的脆弱性是网络攻击发起的主要途径，当前网络的静态特性利于攻击者目标侦察的实施，网络内部的L2/L3地址是攻击者期望侦察的主要信息.为了改变目标侦察阶段网络攻防的易攻难守态势，基于拟态伪装的思想，提出了一种L2和L3地址协同动态化技术，在不影响正常业务条件下有策略地隐藏真实网络主机.首先，建立网络侦察的博弈模型（CRG），基于NASH均衡解指导L2/L3地址的拟态伪装策略，并给出最优的跳变周期计算公式；其次，基于软件定义网络架构，设计并实现了协同动态化的内网防护系统（CMID），由SDN控制器协同控制L2/L3地址的伪装变换；最后，理论分析与实验结果表明：上述方法能够有效切断L2/L3地址与真实网络身份、上层服务的关联性，最大化地隐藏网络内部主机，延缓侦察速度，阻断网络攻击的连续性.

Abstract

The detection of the vulnerability of the target host from the intranet is the main way to initiate the network attack. The static characteristics of the current network are beneficial to the implementation of attacker reconnaissance

and the L2/L3 address inside the network is the main information that the attacker expects to scout. In order to change the network attack and defense situation in the reconnaissance stage

based on the idea of mimicry camouflage

a collaborative dynamic technology of L2 and L3 addresses is proposed to strategically hide the real network host without affecting normal business conditions. Firstly

the cyber reconnaissance game (CRG) is established.Based on the NASH equilibrium solution

the mimetic camouflage strategy of L2/L3 address is solved

and the optimal mutation period calculation formula is given. Secondly

based on the software-defined network architecture

the cooperative mutation intranet defense system (CMID) is designed and implemented

and the SDN controller cooperatively controls the camouflage transformation of the L2/L3 address. Finally

the theoretical analysis and experimental results show that the above method can effectively cut off the correlation between L2/L3 address and real network identity and upper-layer services

maximally hide the internal hosts of the network

delay the reconnaissance speed

and block the continuity of network attacks.

关键词

Keywords

references

Views

193

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

QoE-Aware Task Offloading in Edge Computing Environment: Potential Game Approach

Game-Theoretic Analysis for the Secret Sharing Scheme

Adaptive Flow Balancing Algorithm Based on Global Topology Awareness in SDN

Link Utility Based Reliable Routing Algorithm in 3D-VANET

Related Author

LIU Yuan-an

FAN Wen-hao

XIE Gang

SHI Zi-qi

MA Jian-feng

TIAN You-liang

PENG Chang-gen

JI Wen-jiang

Related Institution

School of Electronic Engineering, Beijing University of Posts and Telecommunication

School of Information and Communication Engineering, Beijing University of Posts and Telecommunication

College of Science Guizhou UniversityGuiyangGuizhou 550025China

Key Laboratory of Computer Networks and Information Security (Ministry of Education)Xidian UniversityXi'anShaanxi 710071China

College of Science Guizhou University

⁰