A realization method of address and port hopping communication based on netfilter

An address hopping technology and implementation method, applied in electrical components, transmission systems, etc., that addresses problems such as proxy bottlenecks, difficult implementation and performance bottlenecks, with the effect of improved processing efficiency, simple deployment and implementation, and improved security.

Active Publication Date: 2018-05-15
NAT UNIV OF DEFENSE TECH

AI Technical Summary

Problems solved by technology

The disadvantage of the above traditional methods is that they work well against known attack methods but not against unknown ones, so their protective effect is limited.
However, its synchronization relies on strict clock synchronization, which adapts poorly to congestion and network delay.
[0007] DYNAT adds a proxy on the gateway to implement address hopping and protect LAN hosts; however, when the network address configuration is highly dynamic, the proxy becomes the bottleneck of the system.
[0008] OF-RHM implements address translation in SDN networks, but it is difficult to deploy in traditional networks. The improved RHM can be deployed in traditional networks but is difficult to implement.
[0009] Shi Leyi, Jia Chunfu, et al. proposed a service hopping mechanism based on port and address information, with a timestamp-based synchronization mechanism, but this scheme cannot prevent monitoring attacks.
For this reason, the improved scheme introduces a plug-in mechanism, but the router in the plug-in mechanism may become a new performance bottleneck of the system.
[0010] In summary, although some address and port hopping technologies exist, they have problems that have prevented the existing technologies from being deployed at scale.


Embodiment Construction

[0078] The present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0079] As shown in Figure 1, the steps of the Netfilter-based address and port hopping communication implementation method of the present invention are:

[0080] 1) Initial deployment.

[0081] 2) The manager configures some server hopping parameters, the key generation unit generates a hopping key, and the configuration parameters and the hopping key are saved in the hopping information storage unit. The server publishes the hopping parameters to the authentication distribution agent through the service registration unit.

[0082] 3) The client obtains the hopping parameters of the server after being authenticated by the authentication distribution center.

[0083] 4) The client synchronizes its clock with the server and the address hopping gateway through the hopping synchronization unit, calculates the current hopping address and hopping port of the ...


Abstract

The invention provides a Netfilter-based address and port hopping communication implementation method, which comprises the steps of: 1) initial deployment; 2) configuring the hopping parameters of a server, generating a hopping key, storing the hopping key, and having the server distribute the hopping parameters to an authentication and distribution agent; 3) the client acquiring the hopping parameters of the server after being authenticated by an authentication and distribution center; 4) synchronizing the clocks of the client, the server and an address hopping gateway, calculating the current hopping address and the current hopping port of the server, and modifying the addresses and ports of data messages sent and received by the local machine so as to realize the communication; 5) the address hopping gateway receiving communication messages from the client and the server, its address hopping engine obtaining the hopping address of the server according to the address hopping parameters, and modifying the addresses of those messages to complete message forwarding; 6) the server realizing the port hopping function through a port hopping engine, modifying the ports of inbound and outbound messages to complete the communication. The method is simple in principle, easy to realize and popularize, and provides good security.
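Steps 4 to 6 above, as an added sketch that is not code from the patent: client and gateway each derive the server's current endpoint from the shared hopping key and a clock-derived slot, and the gateway rewrites a valid destination back to the real server. The page does not give the derivation function, so HMAC-SHA256 over the slot index, the key, address pool, port range, hop period and real endpoint are all assumptions, and the gateway's address check and the server's port check are collapsed into one function.

```python
import hashlib
import hmac
import ipaddress
import struct

# Constructed sample parameters (not from the patent): hopping key, address
# pool, port range, hop period in seconds, and the server's real endpoint.
KEY = b"constructed-demo-hopping-key"
POOL = "192.0.2.0/24"
PORTS = (20000, 60000)
PERIOD = 10
REAL_SERVER = ("10.0.0.5", 443)


def slot_of(t, period=PERIOD):
    """Index of the hop interval that contains time t (seconds)."""
    return int(t // period)


def hop_endpoint(key, slot, pool=POOL, ports=PORTS):
    """Assumed derivation: HMAC-SHA256(key, slot) selects address and port."""
    digest = hmac.new(key, struct.pack(">Q", slot), hashlib.sha256).digest()
    net = ipaddress.ip_network(pool)
    usable = net.num_addresses - 2  # skip network and broadcast addresses
    addr = net.network_address + 1 + int.from_bytes(digest[:8], "big") % usable
    span = ports[1] - ports[0] + 1
    port = ports[0] + int.from_bytes(digest[8:16], "big") % span
    return str(addr), port


def gateway_translate(key, now, dst, skew_slots=1):
    """Return the real endpoint if dst is valid for a nearby slot, else None.

    Accepting +/- skew_slots tolerates clock drift and network delay, the
    weakness the page attributes to strict clock synchronization.
    """
    cur = slot_of(now)
    for slot in range(max(cur - skew_slots, 0), cur + skew_slots + 1):
        if hop_endpoint(key, slot) == dst:
            return REAL_SERVER  # rewrite destination and forward
    return None  # stale or guessed endpoint: drop


if __name__ == "__main__":
    dst = hop_endpoint(KEY, slot_of(1000.0))          # client side, slot 100
    print(dst, gateway_translate(KEY, 1012.0, dst))   # gateway one slot later
    print(gateway_translate(KEY, 1035.0, dst))        # three slots later: None
```

A larger `skew_slots` widens the window in which an observed endpoint stays usable, so it trades tolerance for delay against exposure to replayed destinations.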

Description

Technical field

[0001] The invention mainly relates to the moving target defense field of network security protection, in particular to a method for realizing address and port hopping communication based on Netfilter, which can be applied to moving target defense methods.

Background technique

[0002] Network security protection is a hot field of current computer technology research. With the rapid development of e-commerce, e-government, new network media, etc., the Internet has been integrated into all aspects of politics, economy, culture, and life. While the Internet brings convenience to people, the impact and damage caused by network attacks are becoming more and more serious. Therefore, strengthening network security protection and improving the survivability of network information systems under network attacks is an important research direction for researchers at present and for a long period of time in the future.

[0003] Traditional se...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/12, H04L29/06
CPC: H04L63/0428, H04L63/1441
Inventor: 胡晓峰, 王小峰, 苏金树, 白磊, 吴纯青, 赵锋, 陶静, 罗跃斌, 蔡桂林
Owner: NAT UNIV OF DEFENSE TECH