Abstract
In network sniffing attacks, attackers capture and analyze network communication data from network nodes or links, monitor network status, and steal sensitive data such as usernames and passwords. During an attack the attacker usually remains silent, so traditional network protection methods such as firewalls, Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS) have difficulty detecting and defending against it. Starting from the network structure, a Dynamic Path Hopping (DPH) communication mechanism based on Software Defined Network (SDN) is proposed: the paths between communicating nodes are changed dynamically according to space and time constraints, so that at the macro level the communication traffic is spread relatively evenly across multiple transmission links, which increases the difficulty of obtaining complete data in a network sniffing attack. Simulation results show that, at a certain network scale, DPH can effectively defend against sniffing attacks without significantly reducing network transmission performance.
Authors
ZHANG Chuanhao (张传浩); GU Xuehui (谷学汇); MENG Caixia (孟彩霞) (Department of Image and Network Investigation, Railway Police College, Zhengzhou, Henan 450053, China)
Source
Journal of Computer Applications (计算机应用)
Indexed in: CSCD; Peking University Core Journals
2018, No. 11, pp. 3258-3262, 3269 (6 pages)
Funding
Technology Research Program of the Ministry of Public Security (2017JSYJC08, 2016JSYJB38)
Science and Technology Department of Henan Province Fund Project (172102210441)
Railway Police College interdisciplinary research institution "Public Security Audio-Visual Technology Application Research Center" funded project
Keywords
cyber security
network sniffing
Software Defined Network (SDN)
Moving Target Defense (MTD)
dynamic path hopping