Abstract
Adaptive defense is a cyber defense strategy in which a set of system configurations are dynamically changed to increase uncertainty and complexity for adversaries that try to discover and exploit vulnerabilities. To improve cyber agility of networks, the NetShifter performs multi-dimensional network-level adaptive defense in full scale beyond physical constraints of the networks by adopting the software-defined network (SDN).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Change history
01 February 2020
This book was inadvertently published as an authored work with the chapter authors mentioned in the footnotes of the chapter opening pages. This has now been updated and the chapter authors have been mentioned in the respective chapter opening pages as mentioned below:
References
Qi Duan, et al, “Efficient Random Route Mutation Considering Flow and Network Constraints”, In proceedings of Hot Topics in Software Defined Networking (HotSDN 12), 2012.
Justin Yackoski, et al, “A self-shielding dynamic network architecture”, In proceedings of IEEE MILCOM, November 2011, pp. 1381–1386.
Active Repositioning in Cyberspace for Synchronized Evasion (ARCSYNE), 2012, Final Technical Report
J.H. Jafarian, et al, “OpenFlow Random Host Mutation: Transparent Moving Target Defense using Software Defined Networking”, In Proceedings of ACM SIGCOMM HotSDN workshop, August 2011.
D.C. MacFarland et al, “The SDN Shuffle: Creating a Moving-Target Defense using Host-based Software-Defined Networking”, In Proceedings of the Second ACM Workshop on Moving Target Defense, pp 37–41.
P. Kampanakis et al, “SDN-based Solutions for Moving Target Defense network Protection” In Proceedings of IEEE Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), June 2014, pp. 1–6.
S. Antonatos, et al, “Defending against hitlist worms using network address space randomization”, In proceedings of the 2005 ACM workshop on Rapid malcode (WORM ’05), 2005.
D. Kewley, R. Fink, J. Lowry, and M. Dean, “Dynamic approaches to thwart adversary intelligence gathering”, In proceedings of DARPA Information Survivability Conference Exposition II (DISCEX’01), 2001.
C.M. Price, E. Stanton, E.J. Lee, J.T. Michalski, K.S. Chua, Y.H. Wong, and C.P. Tan, “Network Security Mechanisms Utilizing Dynamic Network Address Translation LDRD Project,” Sandia National Labs, 2002 Nov 01.
H. Moniz, N.F. Neves, M. Correia, and P. Verissimo, “Randomized Intrusion-Tolerant Asynchronous Services,” International Conference on Dependable Systems and Networks, June 2006.
S. Antonatos, P. Akritidis, E.P. Markatos, and K.G. Anagnostakis, “Defending against hitlist worms using network address space randomization,” Comput. Netw. 51, 12 (August 2007), 3471–3490.
E. Al-Shaer, “Toward Network Configuration Randomization for Moving Target Defense,” Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, S. Jajodia, A.K. Ghosh, V. Swarup, C. Wang, X.S. Wang (eds.), New York: Springer, 2011, 153–159.
J.D Touch, G.G. Finn, Y.-S. Wang, and L. Eggert, “DynaBone: dynamic defense using multi-layer Internet overlays,” In Proceedings of DARPA Information Survivability Conference and Exposition, vol. 2 (22–24 April 2003), pp. 271–276.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Ahn, GS., Kwak, K.J., Bogaevskiy, A., Li, J., Briskin, G., Vaeth, R. (2019). NetShifter: A Comprehensive Multi-Dimensional Network Obfuscation and Deception Solution. In: Al-Shaer, E., Wei, J., Hamlen, K., Wang, C. (eds) Autonomous Cyber Deception. Springer, Cham. https://doi.org/10.1007/978-3-030-02110-8_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-02110-8_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02109-2
Online ISBN: 978-3-030-02110-8
eBook Packages: Computer ScienceComputer Science (R0)