The motivation behind Software-Defined Networking (SDN) is to allow services and network capabilities to be managed through a central control point. Moving Target Defense (MTD) introduces a constantly changing environment in order to delay or prevent attacks on a system. SDN can support MTD by keeping the attacker from gathering accurate information about the network. This paper investigates how SDN can be used to implement network-based MTD techniques and evaluates the benefits of combining the two. In the experiment, network assets are kept hidden from both inside and outside attackers. Furthermore, the SDN controller is programmed to perform IP mutation: each host is assigned a virtual IP address that changes at a configured mutation rate, so that the real IP addresses of the underlying hosts are neither learned by attackers nor replaceable with fake ones. The paper presents an experimental evaluation of the MTD technique using the Ryu controller and Mininet. The results show that the MTD technique can be easily integrated into an SDN environment, using virtual IP addresses for hosts to reduce the chance of poisoning attacks.
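The abstract states that the controller hands each host a virtual IP (vIP) and re-draws it at a configured mutation rate, but not how the rIP/vIP table is kept or what happens to traffic that names a real or stale address. The model below is an added example written for this page, not code from the paper or from Ryu; it stands in for the part of a controller app that owns the mapping, and everything about it beyond the abstract (a vIP pool on a separate subnet, proxy-ARP answered only for vIPs, a single rewrite point that swaps the source rIP for its vIP and the destination vIP for its rIP, a seeded RNG for reproducibility, the header dict format) is an assumption. Real Ryu code would drive `tick()` from a `hub.spawn` timer and push the rewrites as OpenFlow set-field actions rather than calling `translate()` per packet.

```python
"""Controller-side model of IP mutation for an SDN-based moving target defense.

Added example, not the paper's code.  Hosts keep a real IP (rIP); the controller
gives each one a virtual IP (vIP) from a separate pool and re-draws every host's
vIP once per mutation period.  Hosts address each other by vIP only; the switch
rewrites addresses in flight, so a packet that names a real IP or a vIP from an
earlier period never reaches a host.  Pool subnet, period and the dict-shaped
packet header are assumptions made for this example.
"""
import ipaddress
import random
from typing import Dict, Optional


class IPMutationController:
    """Owns the rIP<->vIP table and answers the questions a switch would ask."""

    def __init__(self, hosts: Dict[str, str], vip_pool: str, period: float, rng=None):
        # hosts: MAC -> real IP, learned by the controller; hosts never advertise rIPs.
        self.rip_by_mac = dict(hosts)
        self.pool = [str(ip) for ip in ipaddress.ip_network(vip_pool).hosts()]
        # Each mutation must avoid every vIP used in the previous period, so the
        # pool needs at least twice as many addresses as there are hosts.
        if len(self.pool) < 2 * len(hosts):
            raise ValueError("vIP pool too small to retire all previous vIPs")
        self.period = period
        # A seeded random.Random keeps the example reproducible; a deployment would
        # use SystemRandom so the next vIP cannot be guessed from the current one.
        self.rng = rng if rng is not None else random.SystemRandom()
        self.vip_by_rip: Dict[str, str] = {}
        self.last_mutation = 0.0
        self.mutate()

    def mutate(self) -> None:
        """Give every host a vIP that no host held in the previous period."""
        retired = set(self.vip_by_rip.values())
        new: Dict[str, str] = {}
        for rip in sorted(self.rip_by_mac.values()):
            candidates = [v for v in self.pool if v not in retired and v not in new.values()]
            new[rip] = self.rng.choice(candidates)
        self.vip_by_rip = new

    def tick(self, now: float) -> bool:
        """Timer hook: mutate when the configured period has elapsed."""
        if now - self.last_mutation >= self.period:
            self.last_mutation = now
            self.mutate()
            return True
        return False

    def rip_for(self, vip: str) -> Optional[str]:
        return next((r for r, v in self.vip_by_rip.items() if v == vip), None)

    def arp_reply(self, target_ip: str) -> Optional[str]:
        """Proxy-ARP for current vIPs only; real IPs and stale vIPs get no answer."""
        rip = self.rip_for(target_ip)
        if rip is None:
            return None
        return next(mac for mac, r in self.rip_by_mac.items() if r == rip)

    def translate(self, pkt: dict) -> Optional[dict]:
        """Rewrite an IPv4 header as the switch's flow rule would, or return None
        when no rule is installed and the packet is dropped."""
        src_vip = self.vip_by_rip.get(pkt["src"])
        dst_rip = self.rip_for(pkt["dst"])
        if src_vip is None or dst_rip is None:
            # Unknown/spoofed source, or destination is a real IP or a stale vIP.
            return None
        return {**pkt, "src": src_vip, "dst": dst_rip}


def demo() -> dict:
    """Constructed two-host scenario: legitimate flow, then a mutation, then two
    packets an attacker might send using an old vIP or a real IP."""
    hosts = {"00:00:00:00:00:01": "10.0.0.1", "00:00:00:00:00:02": "10.0.0.2"}
    ctl = IPMutationController(hosts, "10.0.1.0/28", period=10, rng=random.Random(7))
    vip1_old, vip2_old = ctl.vip_by_rip["10.0.0.1"], ctl.vip_by_rip["10.0.0.2"]
    ok = ctl.translate({"src": "10.0.0.1", "dst": vip2_old, "proto": "ICMP"})
    mutated = ctl.tick(10.5)  # period elapsed: every vIP is re-drawn
    stale = ctl.translate({"src": "10.0.0.1", "dst": vip2_old, "proto": "ICMP"})
    direct = ctl.translate({"src": "10.0.0.1", "dst": "10.0.0.2", "proto": "ICMP"})
    return {
        "vip1_old": vip1_old, "vip2_old": vip2_old, "ok": ok, "mutated": mutated,
        "stale": stale, "direct": direct, "table": dict(ctl.vip_by_rip),
        "arp_for_rip": ctl.arp_reply("10.0.0.1"),
        "arp_for_vip": ctl.arp_reply(ctl.vip_by_rip["10.0.0.1"]),
    }


if __name__ == "__main__":
    print(demo())
```

The property the test relies on is the one the abstract claims: within a period a host's vIP is stable and translates correctly, after a period both hosts hold fresh addresses and an attacker replaying a harvested vIP, or addressing the real IP directly, gets nothing forwarded and no ARP answer.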

Additional Metadata
Keywords Mininet, Moving target defense, Network security, Ryu controller, Software defined networking
Persistent URL dx.doi.org/10.1109/SERVICES.2019.00050
Conference 2019 IEEE World Congress on Services, SERVICES 2019
Citation
Macwan, S. (Saumil), & Lung, C.H. (2019). Investigation of moving target defense technique to prevent poisoning attacks in SDN. In Proceedings - 2019 IEEE World Congress on Services, SERVICES 2019 (pp. 178–183). doi:10.1109/SERVICES.2019.00050