
The Research And Implementation Of Proactive Defense System Based On Network Topology Dynamic Mutation

Posted on: 2018-12-21 | Degree: Master | Type: Thesis
Country: China | Candidate: Y F Zhang
GTID: 2348330521950323 | Subject: Engineering
Abstract/Summary:
Computer networks are developing rapidly. However, the problems of information leakage and system damage have become increasingly prominent. The static nature of the traditional network system leaves it exposed to attack: the attacker has enough time to study a system, find its vulnerabilities, and then choose the appropriate time to start the attack to maximize the benefit, while the defender must make every effort to ensure the absolute security of the system. The proposal of moving target defense has changed the concept of traditional network security. It does not pursue the development of a perfect, vulnerability-free network system. Its purpose is to make the network system dynamic, randomized, and unpredictable, to increase the attacker's cost, and to weaken the attacker's asymmetric advantage over the defender.

Hosts in a network environment typically communicate using a static IP address. An IP address assigned by the DHCP service can change when the lease expires. However, the lease time is fixed, so the IP address of the host still remains constant for a long period of time. These static targets are, therefore, easy to attack. The attacker will first probe the network topology and collect information about the network's properties. The IP address is the identity of the host in the network environment, and it is also the attacker's primary detection target. If host IP addresses in the network environment are statically allocated or remain constant for a long period of time, the network topology is static and deterministic, and it will be easy for an attacker to detect. Attackers can constantly develop more complex and advanced network detection tools to probe the network, and a static network system is doomed. However, if the identity information of the host, such as the IP address, can be made to change randomly, the network topology becomes unpredictable, making it more difficult for the attacker to launch an attack, so that the passive position of the defender is reversed.

This thesis follows the idea of moving target defense and uses virtual network technology to design a proactive defense system based on dynamic changes of the network topology. The main research work of this thesis is to: (1) Research and analyze the attack process of various network attacks and the shortcomings of traditional network security defense methods, and then propose a proactive defense method based on dynamic changes of the network topology. (2) Design the overall scheme of the proactive defense system, analyze the technical requirements of every functional module, and build the operating environment the proactive system requires. (3) Implement the proactive system in a LAN environment using the relevant technical means. Finally, test the validity and stability of the system, analyze the test results, and summarize the conclusions about the system.
Keywords/Search Tags: IP address hopping, network topology dynamic mutation, network security, proactive defense