메뉴 건너뛰기
소속 기관 / 학교 인증
인증하면 논문, 학술자료 등을  무료로 열람할 수 있어요.
한국대학교, 누리자동차, 시립도서관 등 나의 기관을 확인해보세요
(국내 대학 90% 이상 구독 중)
고객센터 ENG
주제분류

논문 기본 정보

저자정보
출처
Springer Science and Business Media LLC Cybersecurity 7(1)
오류 신고하기
표지

검색

    초록·키워드

    Abstract The integration of Software-Defined Networking (SDN) in storage centers aims to enhance storage performance. However, this integration also introduces new concerns, particularly the potential eavesdropping attacks that pose a substantial risk to data privacy. By issuing flow tables (e.g., via compromised SDN switches), attackers can conveniently collect target traffic and extract confidential information with session reassembly methods. To proactively mitigate such attacks by preventing session reassembly, various moving target defense methods, such as end hopping, have been proposed. However, this study uncovers several deficiencies within existing end hopping methods. To address these deficiencies, we propose a novel linkage-field-based self-synchronizing end hopping method, which obfuscates end information (e.g., IP, Port) and linkage fields (e.g., sequence number and ID number) without third-party assistance. Furthermore, to counter the potential invalidation of end hopping methods resulting from brute-force reassembly of a small number of sessions, we propose a fake segment injection method. Extensive experiments have been conducted both in simulation and real-world environment to evaluate the effectiveness of our proposed methods. The results demonstrate that our proposed methods can effectively defend against eavesdropping attacks with acceptable performance overhead.

    본문·목차

    최근 본 자료 전체보기