Moving target defense is a revolutionary technology changing the antagonistic pattern between attack and defense, with end-point information hopping one of the hotspots in this field. In order to counterpoise the defensive benefit of end-point information hopping and service quality of network system, a novel technique named self-adaptive end-point hopping technique based on adversary strategy awareness is proposed. To solve the blindness problem of hopping mechanism in the course of defense, hopping triggering based on adversary strategy awareness is applied to guide the choice of hopping mode by discriminating the scanning attack strategy, which enhances targeted defense. Furthermore, aimed at the low availability problem caused by limited network resource and high hopping overhead, satisfiability modulo theories are used to formally describe hopping constraints, so as to ensure low hopping overhead. Finally, both theoretical and experimental analyses are performed, demonstrating that the proposed technique can ensure low hopping overhead, while effectively discriminating and defending different types of scanning attacks.

• 出版日期2017-8
• 单位中国科学院信息工程研究所