
Active Defense System Based On Dynamic Reconstruction In Software Defined Networks

Posted on: 2020-10-15
Degree: Master
Type: Thesis
Country: China
Candidate: Z Zhang
Full Text: PDF
GTID: 2428330599458579
Subject: Computer technology
Abstract/Summary:
In traditional networks, defenders must constantly increase the complexity of their defenses to protect network systems from attacks, but the system can be destroyed once an attacker finds one or more exploitable vulnerabilities. The data carried in the network is easy to capture and analyze. Before launching an attack, an attacker is likely to probe the network to find vulnerabilities, and may track information flows at any time for global analysis in order to identify the vulnerable points in the network. This type of attack is a cyber threat because of its low cost and high efficiency. Moving Target Defense (MTD) is an effective technology for solving these security problems. The controller in a Software Defined Network (SDN) has global control over the entire network, which benefits the application and development of MTD technology. To this end, an active defense system based on dynamic reconstruction in software defined networks is designed and implemented. By developing and updating network configuration mutation strategies and optimizing the timing and frequency of mutations, the system achieves proactive defense at the data layer while also ensuring consistency and continuity of network services. By modifying the IP addresses in packet headers and the transmission paths of packets, the system hides the information exposed on the network, so that an attacker sniffing the network obtains incorrect or incomplete information and has to repeat the intelligence collection phase during the attack, which increases the complexity of a successful attack. However, an unpredictable, changing attack surface needs to be presented to the attacker in order to keep the defense effective. By changing the IP address and transmission path continuously at a certain frequency, the original analysis results are invalidated and the attacker's ability to obtain usable information is reduced, thereby improving the defense capability of the system. The active defense system based on dynamic reconfiguration in the software-defined network was tested and compared with a system that did not perform dynamic changes. Tests show that the full functionality of the system is implemented, the attacker's sniffing is blocked, and proactive defense is achieved. The system also provides a good guarantee of the consistency of the network state when switching between old and new strategies.
Keywords/Search Tags:Software defined network, Moving target defense, IP mutation, Path hopping