MPD: Moving Target Defense through Communication Protocol Dialects

10/07/2021
by   Yongsheng Mei, et al.
0

Communication protocol security is among the most significant challenges of the Internet of Things (IoT) due to the wide variety of hardware and software technologies involved. Moving target defense (MTD) has been adopted as an innovative strategy to solve this problem by dynamically changing target system properties and configurations to obfuscate the attack surface. Nevertheless, the existing work of MTD primarily focuses on lower-level properties (e.g., IP addresses or port numbers), and only a limited number of variations can be generated based on these properties. In this paper, we propose a new approach of MTD through communication protocol dialects (MPD) - which dynamically customizes a communication protocol into various protocol dialects and leverages them to create a moving target defense. Specifically, MPD harnesses a dialect generating function to create protocol dialects and then a mapping function to select one specific dialect for each packet during communication. To keep different network entities in synchronization, we also design a self-synchronization mechanism utilizing a pseudo-random number generator with the input of a pre-shared secret key and previously sent packets. We implement a prototype of MPD and evaluate its feasibility on standard network protocol (i.e., File Transfer Protocol) and internet of things protocol (i.e., Message Queuing Telemetry Transport). The results indicate that MPD can create a moving target defense with protocol dialects to effectively address various attacks - including the denial of service attack and malicious packet modifications - with negligible overhead.

READ FULL TEXT

page 13

page 16

research
02/01/2022

A Framework for Server Authentication using Communication Protocol Dialects

In today's world, computer networks have become vulnerable to numerous a...
research
03/15/2020

SOM-based DDoS Defense Mechanism using SDN for the Internet of Things

To effectively tackle the security threats towards the Internet of thing...
research
08/20/2020

Long-Lived LoRa: Prolonging the Lifetime of a LoRa Network

Prolonging the network lifetime is a major consideration in many Interne...
research
11/19/2019

A Game-Theoretic Approach for Enhancing Security and Data Trustworthiness in IoT Applications

Wireless sensor networks (WSNs)-based internet of things (IoT) are among...
research
05/28/2021

Chhoyhopper: A Moving Target Defense with IPv6

Services on the public Internet are frequently scanned, then subject to ...
research
05/08/2020

Proactive Defense for Internet-of-Things: Integrating Moving Target Defense with Cyberdeception

Resource constrained Internet-of-Things (IoT) devices are highly likely ...
research
08/21/2023

Systematically Detecting Packet Validation Vulnerabilities in Embedded Network Stacks

Embedded Network Stacks (ENS) enable low-resource devices to communicate...

Please sign up or login with your details

Forgot password? Click here to reset