Issue No. 04 - July-Aug. (2012 vol. 10)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2012.28
Matthew Dunlop , Virginia Tech
Stephen Groat , Virginia Tech
William Urbanski , Dell SecureWorks
Randy Marchany , Virginia Tech
Joseph Tront , Virginia Tech
Most networks today employ static network defenses. The problem with static defenses is that adversaries have unlimited time to circumvent them. This article proposes a moving-target defense based on the Internet Protocol version 6 (IPv6) that dynamically obscures network-layer and transport-layer addresses. This technique can be thought of as "frequency hopping" in the Internet Protocol space. By constantly moving the logical location of a host on a network, this technique prevents targeted attacks, host tracking, and eavesdropping. The authors demonstrate the design's feasibility and functionality using prototypes deployed on Virginia Tech's campuswide IPv6 network.
Logic gates, Privacy, Protocols, Receivers, Cryptography, IP networks, Target detection, privacy, moving-target defense, IPv6, security
R. Marchany, W. Urbanski, S. Groat, M. Dunlop and J. Tront, "The Blind Man's Bluff Approach to Security Using IPv6," in IEEE Security & Privacy, vol. 10, no. , pp. 35-43, 2012.