Abstract
Aimed at the problem of the boundary defense easily being out of availability caused by the static network structure, a novel dynamic enterprise network defense system based on holographic transformation is designed and implemented. To increase the uncertainty of network structure and the position of target nodes, the network view is dynamically changed by constantly transforming endpoint information. Virtual endpoint mutation and hopping period selection are achieved by the hopping address generation module. It takes the advantages of anti-collision and good randomicity of the Chinese national SM3 hash algorithm. The full-cycle hopping period is managed and controlled by the hopping period management mechanism based on the ciphertext policy attribute-based broadcast holographic transformation. Experiments show that the system achieves expected security goals and has good interactivity and high stability.
Highlights
With the continuous development of network technology, enterprise network has become an increasingly important strategic infrastructure
Aimed at the asymmetry of attackers and defenders caused by the certain network structure and the static defense mechanism, network dynamic defense (NDD) proposes a new defense concept.[6]
In the dynamic defense system based on holographic transformation, because of the address of the end node changes, the probability that a malicious adversary successfully scans x target nodes after a change follows the Bernoulli distribution, which can be expressed as PMoving(x) = Cnxl 1⁄2nl=(nl + m)x1⁄21 À nl=(nl + m)nsÀx
Summary
With the continuous development of network technology, enterprise network has become an increasingly important strategic infrastructure. It consists of hopping endpoint address generation module based on the SM3 algorithm, holographic transformation–based hopping full-cycle management module, and integrated management and display platform. Aimed at the problem of information leakage and high-performance overhead in hopping parameter transmission, holographic transformation–based hopping full-cycle control module implements ciphertext access control by attribute-based holographic transformation algorithm. Since the attribute-based holographic transformation algorithm is adopted to protect the confidentiality of hopping endpoint information pool and hopping period range during the transition, the Figure 4. 4. When the user accesses the targeted network, the attribute information is sent to the hopping control center by packet_in message. 6. The hopping control center uses attribute (12.2) Otherwise, the symmetric key is information of endpoint to select hopping decrypted successfully using the private address range and hopping period.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Distributed Sensor Networks
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
