Details

Autor(en) / Beteiligte

• Steinberger, Jessica
• Kuhnert, Benjamin
• Dietz, Christian
• Ball, Lisa
• Sperotto, Anna
• Baier, Harald
• Pras, Aiko
• Dreo, Gabi

Titel

DDoS defense using MTD and SDN

Ist Teil von

• NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium, 2018, p.1-9

Ort / Verlag

IEEE

Erscheinungsjahr

2018

Quelle

IEEE/IET Electronic Library (IEL)

Beschreibungen/Notizen

• Distributed large-scale cyber attacks targeting the availability of computing and network resources still remains a serious threat. In order to limit the effects caused by those attacks and to provide a proactive defense, mitigation should move to the networks of Internet Service Providers. In this context, Moving Target Defense (MTD) is a technique that increases uncertainty due to an ever-changing attack surface. In combination with Software Defined Networking (SDN), MTD has the potential to reduce the effects of a large-scale cyber attack. In this paper, we combine the defense techniques moving- target using Software Defined Networking and investigate their effectiveness. We review current moving-target defense strategies and their applicability in context of large-scale cyber attacks and the networks of Internet Service Providers. Further, we enforce the implementation of moving target defense strategies using Software Defined Networks in a collaborative environment. In particular, we focus on ISPs that cooperate among trusted partners. We found that the effects of a large-scale cyber attack can be significantly reduced using the moving-target defense and Software Defined Networking. Moreover, we show that Software Defined Networking is an appropriate approach to enforce implementation of the moving target defense and thus mitigate the effects caused by large-scale cyber attacks.