Title :
Full Service Hopping for Proactive Cyber-Defense
Author :
Shi, Leyi ; Jia, Chunfu ; Lu, Shuwang
Author_Institution :
China Univ. of Pet., Dongying
Abstract :
Inspired by deceptive and evasive countermeasures for military environment, a proactive cyber defense tactic of full service hopping is proposed which changes all the service information pseudo-randomly, including service port, network address, service slot, cryptographic algorithm and even the service protocol. A novel concept of dynamic honey pot is presented which mimics the ancient battle diagrams to bewilder the adversary by changing the role of every hopping station pseudo-randomly. Thereafter a full service hopping framework and synchronization scheme of Spokesman are introduced. Then a distributed prototype is carried out through mobile Java agent. Our experimental works demonstrate that full hopping tactic has better performance for active cyber-defense. Moreover, the overheads of handover and synchronization during service hopping are also discussed in this paper.
Keywords :
Java; computer networks; cryptography; mobile agents; Spokesman; cryptographic algorithm; distributed prototype; dynamic honey pot; full service hopping; hopping station pseudo-randomly; mobile Java agent; network address; proactive cyber defense tactic; proactive cyber-defense; service information pseudo-randomly; service port; service protocol; service slot; Computer security; Cryptographic protocols; Cryptography; Information security; Internet; Intrusion detection; Java; National security; Prototypes; Radio communication countermeasures;
Conference_Titel :
Networking, Sensing and Control, 2008. ICNSC 2008. IEEE International Conference on
Conference_Location :
Sanya
Print_ISBN :
978-1-4244-1685-1
Electronic_ISBN :
978-1-4244-1686-8
DOI :
10.1109/ICNSC.2008.4525425
