Experimental evaluation of the IP address space randomisation (IASR) technique and its disruption to selected network services

PDF

Authors
  1. Dondo, M.
Corporate Authors
Defence Research and Development Canada, Ottawa Research Centre, Ottawa ON (CAN)
Abstract
In recent years, some computer network defence (CND) researchers and experts have been suggesting the use of moving target defence (MTD) as a proactive cyber security approach. MTD is a set of network defence techniques such as randomisation, deception, etc., that significantly increases the attacker’s work effort. One randomisation technique, called internet protocol (IP) address space randomisation (IASR), periodically or aperiodically makes random changes to the network‘s IP addresses. This makes it harder for attackers to achieve their goals. However, despite its security benefits, this defence technique disrupts the functioning of some network services. It is therefore important to understand the level of disruption that comes with the technique. In this work, we experimentally evaluate IASR and its disruptive effects on selected network services. Using virtual machines (VMs), we carried out this experiment by setting up a typical computer network that supports selected network services, namely ping, mail, web, and streaming video. We transformed a typical zoned computer network into a flat network and implemented IASR on it. Then, we executed the four selected network services during IASR and made observations on how disruptive the technology could be on these services. The results of our experimental evaluation show variations in performance degradation in some of the selected services when hosts’ IP addresses are changed during IASR, suggesting the need for IASR

Il y a un résumé en français ici.

Keywords
computer network defence;moving target defence;IP address space randomisation
Report Number
DRDC-RDDC-2014-R146 — Scientific Report
Date of publication
01 Nov 2014
Number of Pages
38
DSTKIM No
CA040170
CANDIS No
801240
Format(s):
Electronic Document(PDF)

Permanent link

Document 1 of 1

Date modified: