Biblio

With the advancement of network technology, more electronic devices have begun to connect to the Internet. The era of IoE (Internet of Everything) is coming. However, the number of serious incidents of cyberattacks on important facilities has gradually increased at the same time. Security becomes an important issue when setting up plenty of network devices in an environment. Thus, we propose an innovative mechanism of the Moving Target Defense (MTD) to solve the problems happening to other MTD mechanisms in the past. This method applies Dynamic Host Configuration Protocol (DHCP) to dynamically change the IPv4 address of information equipment in the medical environment. In other words, each of the nodes performs IP-Hopping and effectively avoids malicious attacks. Communication between devices relies on DNS lookup. The mechanism avoids problems such as time synchronization and IP conflict. Also, it greatly reduces the costs of large-scale deployment. All of these problems are encountered by other MTD mechanisms in the past. Not only can the mechanism be applied to the medical and information equipment, it can also be applied to various devices connected to the Internet, including Industrial Control System (ICS). The mechanism is implemented in existing technologies and prevents other problems, which makes it easy to build a system.

Supervisory Control and Data Acquisition(SCADA) communications are often subjected to various sophisticated cyber-attacks mostly because of their static system characteristics, enabling an attacker for easier profiling of the target system(s) and thereby impacting the Critical Infrastructures(CI). In this Paper, a novel approach to mitigate such static vulnerabilities is proposed by implementing a Moving Target Defense (MTD) strategy in a power grid SCADA environment, leveraging the existing communication network with an end-to-end IP-Hopping technique among trusted peers. The main contribution involves the design and implementation of MTD Architecture on Iowa State's PowerCyber testbed for targeted cyber-attacks, without compromising the availability of a SCADA system and studying the delay and throughput characteristics for different hopping rates in a realistic environment. Finally, we study two cases and provide mitigations for potential weaknesses of the proposed mechanism. Also, we propose to incorporate port mutation to further increase attack complexity as part of future work.

This paper will suggest a robust method for a network layer Moving Target Defense (MTD) using symmetric packet scheduling rules. The MTD is implemented and tested on a Supervisory Control and Data Acquisition (SCADA) network testbed. This method is shown to be efficient while providing security benefits to the issues faced by the static nature of SCADA networks. The proposed method is an automated tool that may provide defense in depth when be used in conjunction with other MTDs and traditional security devices.