Moving target defense system and moving target defense method for SDN (self-defending network)

A dynamic target defense and target technology, applied in the field of network security, can solve problems such as security vulnerabilities

Inactive Publication Date: 2015-04-08
BLUEDON INFORMATION SECURITY TECH CO LTD
View PDF6 Cites 53 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In addition, the binding between the honeypot address and the attac...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Moving target defense system and moving target defense method for SDN (self-defending network)
  • Moving target defense system and moving target defense method for SDN (self-defending network)
  • Moving target defense system and moving target defense method for SDN (self-defending network)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0100] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, rather than all the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present invention.

[0101] In order to solve the shortcomings or deficiencies in the prior art that the dynamic target defense mapping to the virtual target is fixed or the virtual target space is small, the present invention adopts an SDN network dynamic target defense system and method, thereby increasing the attacker's detection target The difficulty.

[0102] An SDN network dynamic target defense system is implemented based on the SDN network, and is comp...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a moving target defense system for an SDN (self-defending network). The system consists of a moving target defense module and an SDN controller management module; the moving target defense module comprises a flow analysis module, a mapping information storage module, a target conversion module, an encryption transmission module, a load balance module, a safety authentication module, a business flow recording database and a mapping information recording database; the SDN controller management module comprises a flow table generation module, a flow table distribution/synchronization module, a route selection module, a DNS service module, a load balance module, a distributed management module, a safety communication module, a redundant backup module, a safety authentication module and a flow table database; furthermore, the invention also discloses a moving target defense method for the SDN. Through the moving target defense system and the moving target defense method disclosed by the invention, the difficulty of an attacker to detect a target is increased further, and therefore the safety of an intranet is comprehensively protected.

Description

Technical field [0001] The present invention relates to the technical field of network security, in particular to a system and method for defending an SDN network dynamic target. Background technique [0002] Dynamic target defense—The so-called Moving Target Defense (MTD) strategy is to establish a (from the outside) network system with diverse and constantly changing attributes, making it difficult for hackers to detect the target before launching an attack. Increase the difficulty of the attack to achieve defense. Randomly variable attributes include IP, Port, routing, host identity, command set, etc. Compared with the traditional network, the SDN network control and forwarding separation feature makes it easier to realize such a network system. The Random Host Conversion (OF-RHM) technology developed by the University of North Carolina based on the OpenFlow protocol uses the SDN network to achieve rapid host IP conversion while keeping network services transparent to users....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1441
Inventor 杨育斌程丽明柯宗贵
Owner BLUEDON INFORMATION SECURITY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap