A Scalable and Seamless Connection Migration Scheme for Moving Target Defense in Legacy Networks

Taekeun PARK  Koohong KANG  Daesung MOON  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E101-D   No.11   pp.2706-2709
Publication Date: 2018/11/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2017ICL0001
Type of Manuscript: Special Section LETTER (Special Section on Information and Communication System Security)
Category: Network Security
Keyword: 
cyber security,  moving target defense,  address mutation,  connection migration,  legacy network,  

Full Text: PDF(298.9KB)
>>Buy this Article


Summary: 
In this paper, we propose a scalable and seamless connection migration scheme for moving target defense in legacy networks. The main idea is that a host is allowed to receive incoming packets with a destination address that is either its current IP address or its previous IP address for a period of time because the host does not physically move into another network. Experimental results show that our scheme outperforms the existing connection migration mechanism regardless of the number of active connections in the host.