DYNAMIC HONEYPOT DEPLOYMENT IN SDN: INTEGRATING MOVING TARGET DEFENSE AND DECEPTION MECHANISMS FOR ENHANCED CYBERSECURITY

  • HARMAN Y. I. KHALID, Dept. of Computer Science, College of Science, University of Duhok, Kurdistan Region-Iraq
  • NAJLA B. I. ALDABAGH ALDABAGH, Dept. of Computer Science, College of Computer Science and Mathematics, University of Mosul-Iraq

Abstract

Deception mechanisms such as honeypots have proved to be effective security mechanisms: they lure cyber attackers to fake services and away from real ones, and log attacker behavior so that it can be analyzed to extract knowledge about how the attackers operate. Honeypots have been adopted by the research community since they can detect passive scanning attacks, which attackers usually perform to collect knowledge about the current network in preparation for larger attacks. However, static deployment makes honeypots easier for skilled attackers to expose. It is therefore necessary to deploy honeypots in the network dynamically and proactively. To overcome this shortcoming, Moving Target Defense (MTD) changes network configuration parameters efficiently, either reactively or proactively, to falsify the details collected by attackers and so disrupt the intended cyber attack. In this paper, we present a review of current work on MTD techniques in Software Defined Networking (SDN) environments and highlight some important requirements for MTD applications and their issues. Moreover, we present a theoretical model of a cyber security mechanism that combines MTD with a deception mechanism, implemented as an SDN controller.


Published
2024-10-31
How to Cite
KHALID, H. Y. I., & ALDABAGH, N. B. I. A. (2024). DYNAMIC HONEYPOT DEPLOYMENT IN SDN: INTEGRATING MOVING TARGET DEFENSE AND DECEPTION MECHANISMS FOR ENHANCED CYBERSECURITY. Journal of Duhok University, 27(1), 76-94. Retrieved from https://journal.uod.ac/index.php/uodjournal/article/view/3367
Section
Pure and Engineering Sciences