TY  - EJOU
AU  - Yan, Jiajun 
AU  - Zhou, Ying 
AU  - Dai, Anchen 
AU  - Wang, Tao 

TI  - Securing Forwarding Layers from Eavesdropping Attacks Using Proactive Approaches
T2  - Computers, Materials \& Continua

PY  - 2024
VL  - 79
IS  - 1
SN  - 1546-2226

AB  - As an emerging network paradigm, the software-defined network (SDN) finds extensive application in areas such as smart grids, the Internet of Things (IoT), and edge computing. The forwarding layer in software-defined networks is susceptible to eavesdropping attacks. Route hopping is a moving target defense (MTD) technology that is frequently employed to resist eavesdropping attacks. In the traditional route hopping technology, both request and reply packets use the same hopping path. If an eavesdropping attacker monitors the nodes along this path, the risk of 100% data leakage becomes substantial. In this paper, we present an effective route hopping approach, called two-day different path (TDP), that turns communication paths into untraceable moving targets. This technology minimizes the probability of data leakage by transmitting request data and reply data through different paths. Firstly, a brief introduction to the network model and attack model involved in this paper is given. Secondly, the algorithm and processing method of the TDP are proposed. Thirdly, the paper proposes three different metrics to measure the effectiveness of the proposed approach. Finally, theoretical analysis and simulation results show that the TDP can effectively reduce the percentage of data exposure, decrease eavesdropping attack success probability, and improve the unpredictability of the path.
KW  - Route hopping; moving target defense; software-defined network; two-way different path; metrics

DO  - 10.32604/cmc.2024.048922