Liu Hui-Sheng, Wang Zhen-Xing, Guo Yi. An IPv6 Proactive Network Defense Model Based on Multi-homing Hopping[J]. Journal of Electronics & Information Technology, 2012, 34(7): 1715-1720. doi: 10.3724/SP.J.1146.2011.01350
Citation:
Liu Hui-Sheng, Wang Zhen-Xing, Guo Yi. An IPv6 Proactive Network Defense Model Based on Multi-homing Hopping[J]. Journal of Electronics & Information Technology, 2012, 34(7): 1715-1720. doi: 10.3724/SP.J.1146.2011.01350
Liu Hui-Sheng, Wang Zhen-Xing, Guo Yi. An IPv6 Proactive Network Defense Model Based on Multi-homing Hopping[J]. Journal of Electronics & Information Technology, 2012, 34(7): 1715-1720. doi: 10.3724/SP.J.1146.2011.01350
Citation:
Liu Hui-Sheng, Wang Zhen-Xing, Guo Yi. An IPv6 Proactive Network Defense Model Based on Multi-homing Hopping[J]. Journal of Electronics & Information Technology, 2012, 34(7): 1715-1720. doi: 10.3724/SP.J.1146.2011.01350
Utilized the multi-homing in IPv6, motivated by the idea of frequency hopping communications, multi- homing hopping conception is proposed which can increase the address search space and difficulty of traffic monitoring for attackers by changing the host node address in multiple address domains dynamically. An active defense model is established based on multi-homing hopping. The double random address generation algorithm is proposed which ensured the IP address of the host scattered in multiple address domains randomly. Two address handoff tactics are proposed which ensure the continuance and efficiency of communication. Host address security and traffic security are analyzed. The performance and function of the proposed model are evaluated empirically. The results show that multi-homing hopping based IPv6 proactive network defense model can effectively enhance the attacker overhead and protect the network.
DownLoad: