Research Of End Information Hopping For Active Cyber-defense Based On SDN

Since the birth of Internet technology,it has brought great changes to our life.We can get all the information at home with the help of Internet and become more and more dependent on it.At the same time,many network security incidents have occurred,which have brought severe loss to people.So network security is one of the most urgent problems to be solved.Under the background,we carry out the research of end information hopping for active cyber-defense based on software defined network(SDN),in which the end information changes all the time rather than static configuration mode.It can avoid the attacker's attacks and improve the security of network system effectively.Firstly,this paper introduces and analyzes the current situation on international and domestic researches of mimic security defense,end-hopping etc.and expand the research to settle existing problems.Then,the architecture of end information hopping based on SDN is constructed and formalized.We divide the system into several key modules,and discuss the implementation method one by one.There are two core parts in the end information hopping system.One is for the intranet communication,in which the IP address changes according to the method of random walk all the time.It can hide the host address and make it safe.The other is for the extranet communication,including two critical issues: dummy address mapping and synchronization.We design a SDN application to change the mapping relationships of network address gateway constantly,taking advantages of flexibility and easy-control in software defined network.As a result,the data streams are diverse by constantly changing the IP address,port number,protocol etc.to bewilder the attackers.On the basis of above facts and ideas,the prototype implementation has been carried out,which is deployed as the testbed.We apply Mininet to build a virtual network scenario for testing and hping3 to simulate the attacker.The results of this experiment show that the random walk strategy is effective and the end information hopping method based on SDN canraise the invisibility of end information as well as increase the system's resistance to DoS attacks,with little influence to quality of service.Therefore,we can conclude that: the method of double hopping at the inner and outer can effectively improve the comprehensive protection performance of the system.