DDoS Defense using MTD and SDN

Jessica Steinberger, Benjamin Kuhnert, Christian Dietz, Lisa Ball, Anna Sperotto, Harald Baier, Aiko Pras, Gabi Dreo Rodosek

    Research output: Contribution to conferencePaperpeer-review

    16 Citations (Scopus)
    957 Downloads (Pure)

    Abstract

    Distributed large-scale cyber attacks targeting the availability of computing and network resources still remains a serious threat. In order to limit the effects caused by those attacks and to provide a proactive defense, mitigation should move to the networks of Internet Service Providers. In this context, Moving Target Defense (MTD) is a technique that increases uncertainty due to an ever-changing attack surface. In combination with Software Defined Networking (SDN), MTD has the potential to reduce the effects of a large-scale cyber attack. In this paper, we combine the defense techniques moving- target using Software Defined Networking and investigate their effectiveness. We review current moving-target defense strategies and their applicability in context of large-scale cyber attacks and the networks of Internet Service Providers. Further, we enforce the implementation of moving target defense strategies using Software Defined Networks in a collaborative environment. In particular, we focus on ISPs that cooperate among trusted partners. We found that the effects of a large-scale cyber attack can be significantly reduced using the moving-target defense and Software Defined Networking. Moreover, we show that Software Defined Networking is an appropriate approach to enforce implementation of the moving target defense and thus mitigate the effects caused by large-scale cyber attacks.

    Original languageEnglish
    Number of pages9
    DOIs
    Publication statusPublished - 2018
    Event16th IEEE/IFIP Network Operations and Management Symposium 2018: Cognitive Management in a Cyber World - Taipei, Taiwan
    Duration: 23 Apr 201827 Apr 2018
    Conference number: 16
    http://noms2018.ieee-noms.org/

    Conference

    Conference16th IEEE/IFIP Network Operations and Management Symposium 2018
    Abbreviated titleNOMS 2018
    CountryTaiwan
    CityTaipei
    Period23/04/1827/04/18
    Internet address

    Fingerprint

    Dive into the research topics of 'DDoS Defense using MTD and SDN'. Together they form a unique fingerprint.

    Cite this