Adaptive IP mutation: A proactive approach for defending against worm propagation

Changting Lin, Chunming Wu, Min Huang, Zhenyu Wen, Qiumei Cheng

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

IP address mutation is a proactive defense method that is used to reduce the risk of network attacks, especially to deal with the worm propagation attacks. However, previous work did not give much consideration to the negative effects that IP address mutation could bring to network performance. To be specific, there is a trade-off between network performance and security, which implies that when a security mechanism is reinforced, network performance would be impaired and vice versa. Therefore, in order to achieve the optimal balance between performance and security, an optimal solution should be provided. In this paper, we propose an adaptive IP mutation defense method which is based on temporal-dimension, to dynamically control the mutation interval according to real-time measurable metrics, assurance and avoidance. This method leverages a genetic algorithm to achieve the optimization of performance-security trade-off. We then evaluate our method in a simulated computer cluster environment, including 1024 hosts, and demonstrate that our method can successfully find the optimal solution according to the experimental results. For example, it can reduce the worm propagation significantly, while maintaining the network performance in a predefined level.

Index Terms - IP address mutation; Security; Performance; Trade-off

Original languageEnglish
Title of host publicationProceedings - 2016 IEEE 35th International Symposium on Reliable Distributed Systems Workshops, SRDSW 2016
Place of PublicationBudapest, Hungary
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages61-66
Number of pages6
Volume2016-October
ISBN (Electronic)978-1-5090-5259-2
ISBN (Print)978-1-5090-5260-8
DOIs
Publication statusPublished - 20 Oct 2016
Event35th Symposium on Reliable Distributed Systems - Budapest, Hungary
Duration: 26 Sep 201629 Sep 2016
http://srds2016.inf.mit.bme.hu/

Conference

Conference35th Symposium on Reliable Distributed Systems
Abbreviated titleSRDSW 2016
CountryHungary
CityBudapest
Period26/09/1629/09/16
Internet address

Keywords

  • IP address mutation
  • Performance
  • Security
  • Trade-off

Fingerprint Dive into the research topics of 'Adaptive IP mutation: A proactive approach for defending against worm propagation'. Together they form a unique fingerprint.

Cite this