FastMove: Fast IP Switching Moving Target Defense to Mitigate DDOS Attacks

Title: FastMove: Fast IP Switching Moving Target Defense to Mitigate DDOS Attacks
Publication Type: Conference Paper
Year of Publication: 2021
Authors: Bandi, Nahid; Tajbakhsh, Hesam; Analoui, Morteza
Conference Name: 2021 IEEE Conference on Dependable and Secure Computing (DSC)
Date Published: Feb. 2021
Publisher: IEEE
ISBN Number: 978-1-7281-7534-8
Keywords: Attack, Bot, cloud computing, Complexity theory, composability, Computer architecture, Computer crime, DDoS, defense, denial-of-service attack, IP address, IP networks, Metrics, moving target defense, pubcrawl, resilience, Resiliency, Servers, Switches, Zero day attacks
Abstract: Distributed denial of service attacks are still one of the greatest threats for computer systems and networks. We propose an intelligent moving target solution against DDOS flooding attacks. Our solution will use a fast-flux approach combined with moving target techniques to increase attack cost and complexity by bringing dynamics and randomization in network address space. It continually increases attack costs and makes it harder and almost infeasible for botnets to launch an attack. Along with performing selective proxy server replication and shuffling clients among this proxy, our solution can successfully separate and isolate attackers from benign clients and mitigate large-scale and complex flooding attacks. Our approach effectively stops both network and application-layer attacks at a minimum cost. However, while we try to make prevalent attack launches difficult and expensive for Bot Masters, this approach is good enough to combat zero-day attacks, too. Using DNS capabilities to change IP addresses frequently along with the proxy servers included in the proposed architecture, it is possible to hide the original server address from the attacker and invalidate the data attackers gathered during the reconnaissance phase of attack and make them repeat this step over and over. Our simulations demonstrate that we can mitigate large-scale attacks with minimum possible cost and overhead.
URL: https://ieeexplore.ieee.org/document/9346278
DOI: 10.1109/DSC49826.2021.9346278
Citation Key: bandi_fastmove_2021