Research On Adaptive Strategies For End-hopping System

In recent years, with the rapid development of computer network technology,people benefit a lot from the convenience brought about by the Internet. However,when the hosts are connected to the Internet, they will become potential attack targets.The adversaries often grab useful information and even try to interfere or destroynormal network communication by the means of interception, juggling, deception,session hijacking, denial of service, and etc. One of the most destructive form also themost difficult to defend is the distributed denial of service attack. In a DDoS attack,the adversary can flood almost any type of packets.End-hopping technology is a typical application that frequency hopping thoughtis applied in network defending. It is a kind of proactive network defense. Simpleuniform End-hopping under the fixed strategy has good defense effect on thetraditional large-scale network attacks. Nowadays, with the development of attackingtechnology, however, the attacker often implement scanning and detecting firstly,before launching an effective attack. And then, with the help of the information, theycan locate the target, and narrow the range of victims. The system using the existinghopping strategy can’t withstand the follow attack and the supervised half blind attackfrom the adversary. In this circumstance, efficiency and security of the service will beunder serious threat.Aiming at these problems, adaptive strategies for End-hopping system areproposed in this dissertation, based on the study of attack-defense model. It is acombination of adaptive technology and End-hopping technology. Modules such asattack detection, feedback transmission and adaptive control are added to the originalhopping system. Then, guidance is put forward for next hop with the help of thereal-time evaluation on each hopping node. Furthermore, investigations are providedon how to adjust related parameters automatically, according to the situations ofnetwork communication and the degree to which the nodes are attacked. New systemcan maintain good service efficiency as well as high security. The main work can be summarized as follows.1. Formalization description and analysis on End-hopping. Strict formaldescription is put forward on End-hopping technology with relevant definitions,based on which system model is established. Comprehensive analysis and summaryare proposed on the core technology of End-hopping from the aspects such as statusof hopping collaboration, selection of hopping variables, pseudo-random sequence,synchronous strategy, transfer mode of synchronous information, hopping strategy,service switching technology, and etc.2. Research on confrontation model of End-hopping system. The mathematicaldescription on attack-defense model is put forward under the service of End-hopping.Definitions of direct attack, follow attack and half blind attack are given. Derivationsof some important parameters are inferred. These include packet delivery probabilityunder direct attack, cost of service switching under follow attack, packet deliveryprobability under blind attack, and so on. Based on that, discussions are carried onabout the influencing factors of the serviceability and anti-attack ability ofEnd-hopping system. Moreover, optimal strategies are explored respectively forattacker and defender.3. Research on adaptive strategies for End-hopping system. The disadvantages ofsimple uniform End-hopping under the fixed strategy are analyzed with theconclusion that the existing system strategy can’t withstand the follow attack and thesupervised half blind attack from the adversary. Then discussions are put forward onhow to solve this problem. With the combination of Adaptive technology andEnd-hopping technology, adaptive strategies are proposed for the End-hoppingsystem. Related researches are put forward on the key issues of the new strategies.Time adaptive strategy and space adaptive strategy are established on the temporaldimension and spatial dimension respectively, and then the space-time mixedadaptive strategy is proposed. Difficulties such as real-time detection of the attack,judgment of the attack type, and strategy adjustment of the control center are allsolved. The experimental data show that after adaptive strategies are applied, theEnd-hopping system will have more anti-attack ability, and it can also maintain thegood practicability and serviceability. 4. Design and realization of the End-hopping system. Implementationtechnology is studied of End-hopping proactive defense strategy. A new technique isdesigned and realized referred to as “Hopping Agent”. It has the advantages such asmore simplicity to implement, lower costs for hopping, higher expandability, and soon. And this technique is applied to the End-hopping prototype system. By differentexperiments attacking the prototype system, the feasibility and effectiveness ofEnd-hopping technique are proven.