DocumentCode :
429510
Title :
Port hopping for resilient networks
Author :
Lee, Henry C J ; Thing, Vrizlynn L L
Author_Institution :
Inst. for Infocomm Res., Singapore, Singapore
Volume :
5
fYear :
2004
fDate :
26-29 Sept. 2004
Firstpage :
3291
Abstract :
With the pervasiveness of the Internet, denial-of-service (DoS) and distributed DoS (DDoS) attacks have become important threats to servers, hosts and devices that are connected. The paper addresses the problem of mitigating DoS/DDoS attacks so as to ensure that legitimate traffic is given an acceptable level of quality of service. We propose a new technique, called port hopping, where the UDP/TCP port number used by the server varies as a function of time and a shared secret between the server and the client. The main strength of the mechanism lies in the simplification of both the detection and filtering of malicious attack packets and that it does not require any change to existing protocols. This port hopping technique is compatible with UDP and TCP and can be implemented using socket communications for UDP, and for setting up TCP communications. We performed both a theoretical analysis and empirical studies through an actual implementation to study the effectiveness of the scheme against DoS/DDoS flooding attacks. Our experiments show that the port hopping technique is effective in detecting and filtering malicious traffic, and hence improves the reliability of good traffic flow.
Keywords :
Internet; computer network reliability; quality of service; security of data; telecommunication security; telecommunication traffic; transport protocols; Internet; QoS; TCP; UDP; denial-of-service attacks; distributed DoS attacks; flooding attacks; malicious traffic detection; port hopping; port number; quality of service; resilient networks; shared secret; socket communications; Computer crime; Filtering; Internet; Network servers; Performance analysis; Protocols; Quality of service; Sockets; Telecommunication traffic; Web server;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Vehicular Technology Conference, 2004. VTC2004-Fall. 2004 IEEE 60th
ISSN :
1090-3038
Print_ISBN :
0-7803-8521-7
Type :
conf
DOI :
10.1109/VETECF.2004.1404672
Filename :
1404672