Summary

2021

Session Number:TS7

Session:

Number:TS7-3

Design of a Network Scan Defense Method by Combining an SDN-Based MTD and IPS

Shoya Chiba, Luis Guillen, Satoru Izumi, Toru Abe, Takuo Suganuma

pp.273-278

Publication Date:2021/9/8

Online ISSN:2188-5079

DOI:10.34385/proc.67.TS7-3


Summary:
This paper proposes a Software-Defined Network (SDN)-based Moving Target Defense (MTD) mechanism to protect the network from potential scans. The proposed mechanism can work in combination with an IPS without affecting its normal behavior. To do so, an SDN controller changes the headers of packets passing through switches using virtual IP addresses, while the IPS continues monitoring the devices' actual IP addresses. Preliminary results in an emulated environment show that it is possible to achieve a seamless collaboration between the MTD and IDS to detect low- and high-rate scans.