An Approach for Applying Network-based Moving Target Defense into Internet of Things Networks

  • Received : 2019.08.07
  • Accepted : 2019.08.26
  • Published : 2019.09.30

Abstract

In this paper, we propose an approach for applying network-based moving target defense to Internet of Things (IoT) networks. The IoT is a technology that provides high interconnectivity among things such as electronic devices. However, cyber security risks are expected to increase as the interconnectivity of such devices increases. One recent study demonstrated a man-in-the-middle attack in a statically configured IoT network. In recent years, a new approach to cyber security, called moving target defense, has emerged as a potential solution to the challenge of static systems. The approach continuously changes the system's attack surface to prevent attacks. After analyzing IPv4/IPv6-based moving target defense schemes and IoT network-related technologies, we present our approach in terms of addressing systems, address mutation techniques, communication models, network configuration, and node mobility. In addition, we summarize the direction of future research in relation to the proposed approach.
