How to Disturb Network Reconnaissance: A Moving Target Defense Approach Based on Deep Reinforcement Learning
IEEE Transactions on Information Forensics and Security, ISSN: 1556-6021, Vol: 18, Page: 5735-5748
2023
- 24Citations
- 12Captures
- 1Mentions
Metric Options: CountsSelecting the 1-year or 3-year option will change the metrics count to percentiles, illustrating how an article or review compares to other articles or reviews within the selected time period in the same journal. Selecting the 1-year option compares the metrics against other articles/reviews that were also published in the same calendar year. Selecting the 3-year option compares the metrics against other articles/reviews that were also published in the same calendar year plus the two years prior.
Example: if you select the 1-year option for an article published in 2019 and a metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019. If you select the 3-year option for the same article published in 2019 and the metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019, 2018 and 2017.
Citation Benchmarking is provided by Scopus and SciVal and is different from the metrics context provided by PlumX Metrics.
Example: if you select the 1-year option for an article published in 2019 and a metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019. If you select the 3-year option for the same article published in 2019 and the metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019, 2018 and 2017.
Citation Benchmarking is provided by Scopus and SciVal and is different from the metrics context provided by PlumX Metrics.
Most Recent News
Reports from State Key Laboratory of Networking and Switching Technology Advance Knowledge in Engineering (How To Disturb Network Reconnaissance: a Moving Target Defense Approach Based On Deep Reinforcement Learning)
2023 NOV 01 (NewsRx) -- By a News Reporter-Staff News Editor at NewsRx Policy and Law Daily -- Current study results on Engineering have been
Article Description
With the explosive growth of Internet traffic, large sensitive and valuable information is at risk of cyber attacks, which are mostly preceded by network reconnaissance. A moving target defense technique called host address mutation (HAM) helps facing network reconnaissance. However, there still exist several fundamental problems in HAM: 1) current approaches cannot be self-adaptive to adversarial strategies; 2) network state is time-varying because each host decides whether to mutate IP address; and 3) most methods mainly focus on enhancing security, but ignore the survivability of existing connections. In this paper, an Intelligence-Driven Host Address Mutation (ID-HAM) scheme is proposed to address aforementioned challenges. We firstly model a Markov decision process (MDP) to describe the mutation process, and design a seamless mutation mechanism. Secondly, to remove infeasible actions from the action space of MDP, we formulate address-to-host assignments as a constrained satisfaction problem. Thirdly, we design an advantage actor-critic algorithm for HAM, which aims to learn from scanning behaviors. Finally, security analysis and extensive simulations highlight the effectiveness of ID-HAM. Compared with state-of-the-art solutions, ID-HAM can decrease maximum 25% times of scanning hits while only influencing communication slightly. We also implemented a proof-of-concept prototype system to conduct experiments with multiple scanning tools.
Bibliographic Details
Institute of Electrical and Electronics Engineers (IEEE)
Provide Feedback
Have ideas for a new metric? Would you like to see something else here?Let us know