IP address jump safety communication method based on SDN framework

An IP address and secure communication technology, applied in the field of IP address hopping secure communication based on SDN architecture, can solve the problem of not supporting multi-channel protocols, and achieve the effect of increasing attack difficulty and resisting DDoS attacks

Inactive Publication Date: 2016-03-23
芦斌
View PDF3 Cites 71 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, because this method transparently modifies the IP address of data packets in the network, this method does not support multi-channel protocols, and this method only resists attacks, but does not take further measures against attackers

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IP address jump safety communication method based on SDN framework
  • IP address jump safety communication method based on SDN framework
  • IP address jump safety communication method based on SDN framework

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] Below in conjunction with accompanying drawing and embodiment the present invention is described in detail:

[0039] The IPH network, that is, the jump network, is mainly composed of the jump communication part, the application gateway part and the honeypot part. Among them, the hopping communication part is responsible for implementing address port hopping; the application gateway part is responsible for converting and correcting the specified traffic; the honeypot part is responsible for confusing attackers and collecting attacker information.

[0040] Such as figure 1 As shown, the IP address hopping security communication method based on the SDN framework of the present invention comprises the following steps successively:

[0041] A: Host Host 1 Send a domain name resolution request to the DNS server, requesting the host Host 2 IP address;

[0042] Among them, the host Host 2 For the host inside the IPH network, the host Host 1 Own the host Host 2 domain nam...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an IP address jump safety communication method based on an SDN framework. The method comprises steps that A, an IP address of a Host2 is requested by a Host1; B, a real IP address r2 of the Host2 is replaced by a virtual IP address h2 through a controller; C, a domain analysis response is forwarded by the controller to the Host1; D, an r1 is taken as a source address and the h2 is taken as a target address by the Host1 to send a data packet to the Host2; E, a flow rule is generated by the controller to replace the r1 by a virtual IP address h1, and the flow rule is issued; F, the r1 is replaced by the h1 through the source switch, and forwarding is carried out; G, the h2 is replaced by the r2 through the target switch, and forwarding is carried out; H, the r2 is taken as a source address and the h1 is taken as a target address by the Host2 to send a response data packet; I, the r2 is replaced by the h2 through the target switch, and forwarding is carried out; J, the h1 is replaced by the r1 through the source switch, and forwarding to the Host1 is carried out. Through the method, jump IPs can be dynamically distributed to a host computer in the IPH network, one-time one-change access to the host computer IP is transparently realized, attack based on scanning and DDoS attach can be effectively fought against.

Description

technical field [0001] The invention relates to the field of network security, in particular to an IP address hopping security communication method based on an SDN framework. Background technique [0002] At present, with the development and popularization of computer networks, network information security has gradually attracted people's attention, and network attack and defense confrontation has become a current research hotspot. Traditional static IP-based network communication exposes servers or some important hosts to attackers, enabling attackers to identify and attack targets accurately and quickly. IP hopping is a type of technology in MTD. By increasing the dynamics and randomness of host IP addresses, it is difficult for attackers to lock the attack target in the preparation stage of the attack, restricting attackers from discovering loopholes, and hiding internal network assets. [0003] In a traditional network, the overhead of implementing IP hopping is very hi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/931H04L12/741H04L45/74
CPCH04L45/74H04L49/70H04L63/1433H04L63/1458H04L63/1466H04L63/1491H04L61/4511H04L61/5014
Inventor 芦斌赵正巩道福刘粉林
Owner 芦斌
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap