Design of a Protected Server Network with Decoys for Network-based Moving Target Defense
In recent years, a new approach to cyber security, called the moving target defense, has emerged as a potential solution to the challenge of static systems. In this paper, we design a protected server network with a large number of decoys to anonymize the protected servers that dynamically mutate th...
Saved in:
| Published in | 韓國컴퓨터情報學會論文誌 Vol. 23; no. 9; pp. 57 - 64 |
|---|---|
| Main Authors | , , |
| Format | Journal Article |
| Language | Korean |
| Published |
한국컴퓨터정보학회
2018
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 1598-849X 2383-9945 |
| DOI | 10.9708/jksci.2018.23.09.057 |
Cover
| Abstract | In recent years, a new approach to cyber security, called the moving target defense, has emerged as a potential solution to the challenge of static systems. In this paper, we design a protected server network with a large number of decoys to anonymize the protected servers that dynamically mutate their IP address and port numbers according to Hidden Tunnel Networking, which is a network-based moving target defense scheme. In the network, a protected server is one-to-one mapped to a decoy-bed that generates a number of decoys, and the decoys share the same IP address pool with the protected server. First, the protected server network supports mutating the IP address and port numbers of the protected server very frequently regardless of the number of decoys. Second, it provides independence of the decoy-bed configuration. Third, it allows the protected servers to freely change their IP address pool. Lastly, it can reduce the possibility that an attacker will reuse the discovered attributes of a protected server in previous scanning. We believe that applying Hidden Tunnel Networking to protected servers in the proposed network can significantly reduce the probability of the protected servers being identified and compromised by attackers through deploying a large number of decoys. |
|---|---|
| AbstractList | In recent years, a new approach to cyber security, called the moving target defense, has emerged as a potential solution to the challenge of static systems. In this paper, we design a protected server network with a large number of decoys to anonymize the protected servers that dynamically mutate their IP address and port numbers according to Hidden Tunnel Networking, which is a network-based moving target defense scheme. In the network, a protected server is one-to-one mapped to a decoy-bed that generates a number of decoys, and the decoys share the same IP address pool with the protected server. First, the protected server network supports mutating the IP address and port numbers of the protected server very frequently regardless of the number of decoys. Second, it provides independence of the decoy-bed configuration. Third, it allows the protected servers to freely change their IP address pool. Lastly, it can reduce the possibility that an attacker will reuse the discovered attributes of a protected server in previous scanning. We believe that applying Hidden Tunnel Networking to protected servers in the proposed network can significantly reduce the probability of the protected servers being identified and compromised by attackers through deploying a large number of decoys. KCI Citation Count: 2 In recent years, a new approach to cyber security, called the moving target defense, has emerged as a potential solution to the challenge of static systems. In this paper, we design a protected server network with a large number of decoys to anonymize the protected servers that dynamically mutate their IP address and port numbers according to Hidden Tunnel Networking, which is a network-based moving target defense scheme. In the network, a protected server is one-to-one mapped to a decoy-bed that generates a number of decoys, and the decoys share the same IP address pool with the protected server. First, the protected server network supports mutating the IP address and port numbers of the protected server very frequently regardless of the number of decoys. Second, it provides independence of the decoy-bed configuration. Third, it allows the protected servers to freely change their IP address pool. Lastly, it can reduce the possibility that an attacker will reuse the discovered attributes of a protected server in previous scanning. We believe that applying Hidden Tunnel Networking to protected servers in the proposed network can significantly reduce the probability of the protected servers being identified and compromised by attackers through deploying a large number of decoys. |
| Author | 박태근(Tae-Keun Park) 박경민(Kyung-Min Park) 문대성(Dae-Sung Moon) |
| Author_xml | – sequence: 1 fullname: 박태근(Tae-Keun Park) – sequence: 2 fullname: 박경민(Kyung-Min Park) – sequence: 3 fullname: 문대성(Dae-Sung Moon) |
| BackLink | https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART002385932$$DAccess content in National Research Foundation of Korea (NRF) |
| BookMark | eNpF0E1PGzEQBmCrAqlp4B_04AsHDrv1erxr-xgRPgsEkRxysxzvOLgL68pegvLvu4WqnN7R6NFI834jB33skZDvFSu1ZOrHry67UHJWqZJDyXTJavmFTDgoKLQW9QGZVLVWhRJ6_ZUc5xw2DBouNa-bCVnPMYdtT6Onlj6kOKAbsKVLTDtM9B6Ht5g6-haGJzpHF_eZ-vh_X2xsHvFd3IV-S1c2bXEYmcc-4xE59PY54_G_nJLlxfnq7Kq4XVxen81ui04LVrS8Ys5trAdsrVMNU1bJVkqJrlasRi65UMJr79vxISYQmhZE5UBtKs4BpuT042qfvOlcMNGG99xG0yUze1xdG5ANgNKjPfmwXchDMH2bn83N7Ofib3VQgeACNEj4dP1rCi_YBmt-j4NNe3O_mJ8zWY_1AYM_RkBwPA |
| ContentType | Journal Article |
| DBID | DBRKI TDB JDI ACYCR |
| DEWEY | 651.8 |
| DOI | 10.9708/jksci.2018.23.09.057 |
| DatabaseName | DBPIA - 디비피아 Nurimedia DBPIA Journals KoreaScience Korean Citation Index |
| DatabaseTitleList | |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Business |
| EISSN | 2383-9945 |
| EndPage | 64 |
| ExternalDocumentID | oai_kci_go_kr_ARTI_3763389 JAKO201831342439373 NODE07536230 |
| GroupedDBID | .UV ALMA_UNASSIGNED_HOLDINGS DBRKI TDB JDI ACYCR M~E |
| ID | FETCH-LOGICAL-k940-d210ccbaf3edac8608a87d777ec5805e272484f9ffd23804e36d341c38b12233 |
| ISSN | 1598-849X |
| IngestDate | Tue Nov 21 21:34:09 EST 2023 Fri Dec 22 11:58:39 EST 2023 Thu Feb 06 13:38:10 EST 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Issue | 9 |
| Keywords | protected server mutation cyber security decoy Network-based moving target defense |
| Language | Korean |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-k940-d210ccbaf3edac8608a87d777ec5805e272484f9ffd23804e36d341c38b12233 |
| Notes | KISTI1.1003/JNL.JAKO201831342439373 |
| OpenAccessLink | http://click.ndsl.kr/servlet/LinkingDetailView?cn=JAKO201831342439373&dbt=JAKO&org_code=O481&site_code=SS1481&service_code=01 |
| PageCount | 8 |
| ParticipantIDs | nrf_kci_oai_kci_go_kr_ARTI_3763389 kisti_ndsl_JAKO201831342439373 nurimedia_primary_NODE07536230 |
| PublicationCentury | 2000 |
| PublicationDate | 2018 |
| PublicationDateYYYYMMDD | 2018-01-01 |
| PublicationDate_xml | – year: 2018 text: 2018 |
| PublicationDecade | 2010 |
| PublicationTitle | 韓國컴퓨터情報學會論文誌 |
| PublicationTitleAlternate | Journal of the Korea Society of Computer and Information |
| PublicationYear | 2018 |
| Publisher | 한국컴퓨터정보학회 |
| Publisher_xml | – name: 한국컴퓨터정보학회 |
| SSID | ssib036279256 ssib001107257 ssib044738270 ssib012146333 ssib008451689 ssib053377514 |
| Score | 1.6434289 |
| Snippet | In recent years, a new approach to cyber security, called the moving target defense, has emerged as a potential solution to the challenge of static systems. In... |
| SourceID | nrf kisti nurimedia |
| SourceType | Open Website Open Access Repository Publisher |
| StartPage | 57 |
| SubjectTerms | 컴퓨터학 |
| Title | Design of a Protected Server Network with Decoys for Network-based Moving Target Defense |
| URI | https://www.dbpia.co.kr/journal/articleDetail?nodeId=NODE07536230 http://click.ndsl.kr/servlet/LinkingDetailView?cn=JAKO201831342439373&dbt=JAKO&org_code=O481&site_code=SS1481&service_code=01 https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART002385932 |
| Volume | 23 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| ispartofPNX | 한국컴퓨터정보학회논문지, 2018, 23(9), 174, pp.57-64 |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV3db9MwELe28QAvCASI8TFZCD9mJLYz249Jk2ls6obUIvUtyoeDRlGLSvswHvjbubPTNkWV-BAvieX4bMfO-X7n3J0JeVvbqC4jYwJhhQykaFVgVIxWVg2PG6OqqEVFcXh9dvFRXk7iycHhqGe1tFpWp_X3vX4l_zKrkAfzil6yfzGzm0ohA9Iwv3CFGYbrH81x5swvvIvjBx9wAfEjGjE6V140uvI7rRlomXcu9MI6P0D51QBPux2FsTMIh2ItqLU71kEsz5iJmRmwPGFpzJKM5QOWpiyV7pFgicaEliwN8VESYvkcCoh1GSA3LpEwPcBHOmapSyRQlXZUiunNnxNH7auBisW6cYVEXI9LG1zZFSzezs7b7KGCwpylmWvh3FNd3cGyFgxv95J13Uixe9q9Bb4OLPI6g8ZGQAkDhSDZ9HdJuiUdv-j_Pkp9YWF0oKU7ChhkqcsDBCQCY3yIzLWE8R7VHSeZnrjwsbk74OGjuf8q0oxybhqfp4CI0BJRn3LhIvOuaXeChV_fZDmAQEAlIjwk97hSEdq5Dn_kW4wMCj_v_erWeFTz9siBCE96F1sdAKpShm8DLkmphObbRR7UBaV8DP3NeHgXVez5u339Bj0QlaNbgHOzBaDA-7MVHmUB62EP2o0fkYedTkYTz2CPycF0_oRMPHPReUtLumEu6pmLdkxEkbmoZy4KzEV3mIt65qKeuWjHXE_J6DwfDy6C7hiSYGpkGDQ8Cuu6Klthm7LWZ6EutWqUUraOdRhbrrjUsjVt28Dkh9KKswagYS10FQH2Fs_I0Ww-s88JFbHg2saxFXEjQVail3sUNpWGBqq2jI7JiRuXYtZ8-1JcJlc3OG4iEpJLjFspjskbGLBiWt8WGBUe75_mxXRRgO77vkCoAOoH1LIZz-KrD1lT9L-LF78r8JI8wIb9RuMrcrRcrOxrgN7L6sR9Sj8Bo7epTg |
| linkProvider | ISSN International Centre |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Design+of+a+Protected+Server+Network+with+Decoys+for+Network-based+Moving+Target+Defense&rft.jtitle=%ED%95%9C%EA%B5%AD%EC%BB%B4%ED%93%A8%ED%84%B0%EC%A0%95%EB%B3%B4%ED%95%99%ED%9A%8C%EB%85%BC%EB%AC%B8%EC%A7%80&rft.au=%EB%B0%95%ED%83%9C%EA%B7%BC%28Tae-Keun+Park%29&rft.au=%EB%B0%95%EA%B2%BD%EB%AF%BC%28Kyung-Min+Park%29&rft.au=%EB%AC%B8%EB%8C%80%EC%84%B1%28Dae-Sung+Moon%29&rft.date=2018&rft.pub=%ED%95%9C%EA%B5%AD%EC%BB%B4%ED%93%A8%ED%84%B0%EC%A0%95%EB%B3%B4%ED%95%99%ED%9A%8C&rft.issn=1598-849X&rft.eissn=2383-9945&rft.volume=23&rft.issue=9&rft.spage=57&rft.epage=64&rft_id=info:doi/10.9708%2Fjksci.2018.23.09.057&rft.externalDocID=NODE07536230 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1598-849X&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1598-849X&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1598-849X&client=summon |