Title | Multi-vNIC Intelligent Mutation: A Moving Target Defense to thwart Client-side DNS Cache Attack |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Zhou, Zan, Xu, Changqiao, Ma, Tengchao, Kuang, Xiaohui |
Conference Name | ICC 2020 - 2020 IEEE International Conference on Communications (ICC) |
Date Published | jun |
Keywords | cloud computing, Collaboration, Computer crime, DNS security, game theory, Games, learning (artificial intelligence), Metrics, Network moving target defense, pubcrawl, reinforcement learning, Scalability, Servers |
Abstract | As massive research efforts are poured into server-side DNS security enhancement in online cloud service platforms, sophisticated APTs tend to develop client-side DNS attacks, where defenders have only limited resources and abilities. The collaborative DNS attack is a representative, recent client-side paradigm that stealthily undermines the user cache by falsifying DNS responses. Different from existing static methods, in this paper we propose a moving target defense solution named multi-vNIC intelligent mutation to free defenders from arduous work and, at the same time, thwart elusive client-side DNS attacks. Multiple virtual network interface cards are created and switched in a mutating manner, so attackers have to blindly guess the actual NIC with a high risk of exposure. Firstly, we construct a dynamic game-theoretic model to capture the main characteristics of both attacker and defender. Secondly, a reinforcement learning mechanism is developed to generate an adaptive optimal defense strategy. Experimental results also highlight the security performance of our defense method compared to several state-of-the-art technologies. |
DOI | 10.1109/ICC40277.2020.9148655 |
Citation Key | zhou_multi-vnic_2020 |