Multi-vNIC Intelligent Mutation: A Moving Target Defense to thwart Client-side DNS Cache Attack

Title: Multi-vNIC Intelligent Mutation: A Moving Target Defense to thwart Client-side DNS Cache Attack
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Zhou, Zan; Xu, Changqiao; Ma, Tengchao; Kuang, Xiaohui
Conference Name: ICC 2020 - 2020 IEEE International Conference on Communications (ICC)
Date Published: June 2020
Keywords: cloud computing, Collaboration, Computer crime, DNS security, game theory, Games, learning (artificial intelligence), Metrics, Network moving target defense, pubcrawl, reinforcement learning, Scalability, Servers
Abstract: As massive research efforts are poured into server-side DNS security enhancement in online cloud service platforms, sophisticated APTs tend to develop client-side DNS attacks, where defenders have only limited resources and abilities. The collaborative DNS attack is the newest representative client-side paradigm for stealthily undermining the user cache by falsifying DNS responses. Different from existing static methods, in this paper we propose a moving target defense solution named multi-vNIC intelligent mutation, which frees defenders from arduous work and at the same time thwarts elusive client-side DNS attacks. Multiple virtual network interface cards are created and switched in a mutating manner, so attackers have to blindly guess the actual NIC, with a high risk of exposure. Firstly, we construct a dynamic game-theoretic model to capture the main characteristics of both attacker and defender. Secondly, a reinforcement learning mechanism is developed to generate an adaptive optimal defense strategy. Experimental results also highlight the security performance of our defense method compared to several state-of-the-art technologies.
Citation Key: zhou_multi-vnic_2020
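Added illustration, not code from the paper: the abstract describes a defender that spreads a host's DNS traffic over several virtual NICs, keeps only one of them active, and mutates which one that is, so that a forged response injected at the wrong vNIC both fails and exposes the attacker. The toy simulation below makes that trade-off concrete. The attacker strategy (stick with the vNIC that last worked, otherwise guess blindly), the uniform random re-pick of the active vNIC, and the fixed mutation interval are all assumptions of this example; the paper instead models the game formally and learns the defender's schedule with reinforcement learning, neither of which is reproduced here. All numbers it produces come from this toy model, not from the paper's experiments.

```python
"""Toy model of the multi-vNIC moving-target defense (added example, not the paper's code).

Model (assumptions of this example):
  - The host owns n_vnics virtual NICs; exactly one is "active" and carries
    real DNS queries, the rest are decoys with no outstanding queries.
  - Each round the attacker injects one forged DNS response at one vNIC.
    Reaching the active vNIC counts as a cache hit; reaching a decoy counts
    as an exposure, since a response with no matching query is evidence of
    tampering the defender can log.
  - A static defender never moves the active vNIC; a mutating defender
    re-picks it uniformly at random every `interval` rounds.
  - The attacker keeps injecting at the vNIC that last produced a hit and,
    after a miss, blindly guesses a fresh vNIC.
"""
import random
from dataclasses import dataclass
from typing import Dict, Iterable, Optional


@dataclass
class Outcome:
    rounds: int
    hits: int       # forged responses that reached the active vNIC
    exposures: int  # forged responses that landed on a decoy vNIC

    @property
    def hit_rate(self) -> float:
        return self.hits / self.rounds

    @property
    def exposure_rate(self) -> float:
        return self.exposures / self.rounds


def simulate(n_vnics: int, rounds: int, interval: Optional[int], seed: int = 1) -> Outcome:
    """Play `rounds` rounds of the attacker/defender game.

    interval=None  -> static defender (active vNIC never changes).
    interval=k     -> mutating defender, active vNIC re-picked every k rounds.
    The RNG is seeded so that runs are reproducible.
    """
    if n_vnics < 1 or rounds < 1 or (interval is not None and interval < 1):
        raise ValueError("n_vnics, rounds and interval must be positive")
    rng = random.Random(seed)
    active = rng.randrange(n_vnics)  # defender's initial choice
    guess = rng.randrange(n_vnics)   # attacker starts with a blind guess
    hits = exposures = 0
    for t in range(rounds):
        if interval is not None and t > 0 and t % interval == 0:
            active = rng.randrange(n_vnics)  # mutation step (may repeat the old NIC)
        if guess == active:
            hits += 1                        # forged response poisons the live cache
        else:
            exposures += 1                   # decoy vNIC observed the forgery
            guess = rng.randrange(n_vnics)   # attacker re-guesses blindly
    return Outcome(rounds, hits, exposures)


def sweep(n_vnics: int, rounds: int, intervals: Iterable[Optional[int]], seed: int = 1) -> Dict[Optional[int], Outcome]:
    """Run the game once per mutation interval (None = static) and collect outcomes."""
    return {k: simulate(n_vnics, rounds, k, seed) for k in intervals}


if __name__ == "__main__":
    # Slower mutation lets the attacker exploit a hit for longer; faster
    # mutation pushes the hit rate toward 1/n_vnics and the exposure rate up.
    for k, out in sweep(4, 10000, [None, 50, 10, 1]).items():
        label = "static" if k is None else f"every {k:>2} rounds"
        print(f"{label:<16} hit rate {out.hit_rate:.3f}  exposure rate {out.exposure_rate:.3f}")
```

The toy ignores everything that makes the real problem hard (the cost of switching, the attacker observing traffic on the wire, the defender's limited client-side resources), which is exactly the part the paper's game model and reinforcement learning address: choosing when to mutate so that the attacker's hit rate stays low without paying the switching cost on every round.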