Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

SDN network IP address hopping method based on randomization algorithm

An IP address and randomization technology, applied in the computer field, can solve the problem of single defense method, affecting system stability and security, and achieve the effect of improving attack, reducing the possibility of successful attack, and improving security.

Pending Publication Date: 2021-07-09
厦门美域中央信息科技有限公司
View PDF3 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For address jumping, the existing technical methods have the problem of a single defense method, which affects the stability and security of the system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SDN network IP address hopping method based on randomization algorithm
  • SDN network IP address hopping method based on randomization algorithm
  • SDN network IP address hopping method based on randomization algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0034] Such as Figure 1-2 As shown, a kind of SDN network IP address hopping method based on randomization algorithm proposed by the present invention includes a first host, a second host, a random IP address generator, a switch, a controller, and a virtual IP address configuration manager; The first host and the second host are connected through a controller; the controller and the virtual IP address configuration manager are connected through a switch; the random IP address generator is connected to the virtual IP address configuration manager; the first host is provided with an IP address request module; the controller A data processing module, a network mapping database module, a control module, and an IP address resolution module are set on the computer; a connected IP address storage module and an encryption module are set on the second host; a decryption module, a virtual IP address acquisition module, and an IP address acquisition module are set on the switch. An addr...

Embodiment 2

[0044] Such as image 3 As shown, the present invention proposes a kind of SDN network IP address hopping method based on randomization algorithm again, and the steps are as follows:

[0045] S1. The first host sends a signal to the controller to request an IP address. The data processing module intercepts the current network flow table information through the OpenFlow interface, stores, classifies, and summarizes, and judges the executability of the IP address request. At the same time, the network maps the database The module obtains the mapping data of the current network event and stores it;

[0046] S2. When it is judged to be executable, the control module sends a signal to the second host, and the IP address storage module on the second host cooperates with the encryption module to send the encrypted real IP address to the controller;

[0047] S3, the IP address analysis module analyzes it, and sends it to the switch after unlocking part of the password lock;

[0048]...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

An SDN network IP address hopping method based on a randomization algorithm relates to the technical field of computers, and comprises a first host, a second host, a random IP address generator, a switch, a controller and a virtual IP address configuration manager; the first host and the second host are connected through the controller; and the controller is connected with the virtual IP address configuration manager through the switch. Through cooperation of the first host, the second host, the random IP address generator, the switch, the controller and the virtual IP address configuration manager, the randomization algorithm model hops a real IP address and a virtual IP address through a flow rule, and honeypot embedding, anti-tracking setting and monitoring setting are performed in the hopped IP address; therefore, not only is the security of network communication improved, but also the aggressiveness of the system is improved, and combination of active defense and passive defense is realized.

Description

technical field [0001] The present invention relates to the field of computer technology, in particular to a randomized algorithm-based SDN network IP address hopping method. Background technique [0002] Aiming at the inherent asymmetric nature of attack and defense of the current network, in order to balance the attack and defense environment of the existing network, the US Network Security and Information Assurance Research and Development Program proposed a new concept to deal with new types of network attacks-Moving Target Defense Technology (also known as Moving Target Defense, Moving Target Defense, Target Defense, MTD). [0003] The core idea of ​​MTD is to use changes in the attack surface to make the network system dynamic, and provide dynamic and active network defense functions through the mechanism strategy of "turning static into dynamic, anti-customer-oriented", making the system less deterministic and static , Isomorphism, using randomization and diversifica...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1466H04L63/1491H04L61/5007
Inventor 石小川肖清林赵昆杨陈鹭菲廖渊跃
Owner 厦门美域中央信息科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products