CLC number: TP393
On-line Access: 2019-03-11
Received: 2018-08-30
Revision Accepted: 2018-11-11
Crosschecked: 2019-01-22
Cited: 0
Clicked: 6794
Yang Chen, Hong-chao HU, Guo-zhen Cheng. Design and implementation of a novel enterprise network defense system by maneuvering multi-dimensional network properties[J]. Frontiers of Information Technology & Electronic Engineering,in press.https://doi.org/10.1631/FITEE.1800516 @article{title="Design and implementation of a novel enterprise network defense system by maneuvering multi-dimensional network properties", %0 Journal Article TY - JOUR
基于多维动态网络属性的新型企业网防御系统的设计与实现关键词组: Darkslateblue:Affiliate; Royal Blue:Author; Turquoise:Article
Reference[1]Al-Fares M, Loukissas A, Vahdat A, 2008. A scalable, commodity data center network architecture. ACM SIGCOMM Conf on Data Communication, p.63-74. [doi:10.1145/1402958.1402967] [2]Antonatos S, Akritidis P, Markatos EP, et al., 2007. Defending against hitlist worms using network address space randomization. Comput Netw, 51(12):3471-3490. [3]Atighetchi M, Pal P, Webber F, et al., 2003. Adaptive use of network-centric mechanisms in cyber-defense. 6th IEEE Int Symp on Object-Oriented Real-Time Distributed Computing, p.183-192. [4]Carroll TE, Crouse M, Fulp EW, et al., 2014. Analysis of network address shuffling as a moving target defense. IEEE Int Conf on Communications, p.701-706. [5]Duan Q, Al-Shaer E, Jafarian H, 2013. Efficient random route mutation considering flow and network constraints. IEEE Conf on Communications and Network Security, p.260-268. [6]Duo, 2018. Liftoff: guide to duo deployment best practices. https://duo.com/assets/pdf/Duo-Liftoff-Guide.pdf [Accessed on Oct. 18, 2018]. [7]Escobedo V, Beyer B, Saltonstall M, et al., 2017. BeyondCorp 5: the user experience. Login, 42(3):38-43. [8]Flores DA, Qazi F, Jhumka A, 2016. Bring your own disclosure: analysing BYOD threats to corporate information. IEEE Trustcom/BigDataSE/ISPA, p.1008-1015. [9]Greenberg A, Hamilton JR, Jain N, et al., 2009. Vl2: a scalable and flexible data center network. ACM SIGCOMM Comput Commun Rev, 39(4):51-62. [10]Guan ZT, Li J, Wu LF, et al., 2017. Achieving efficient and secure data acquisition for cloud-supported Internet of Things in smart grid. IEEE Internet Things J, 4(6):1934-1944. [11]Hutchins E, Cloppert M, Amin R, 2011. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. In: Ryan J (Ed.), Leading Issues in Information Warfare & Security Research. Academic Publishing International Limited, London, UK, p.80-106. [12]Jafarian JH, Al-Shaer E, Duan Q, 2012. Openflow random host mutation: transparent moving target defense using software defined networking. 1st Workshop on Hot Topics in Software Defined Networks, p.127-132. [13]Jafarian JH, Al-Shaer E, Duan Q, 2013. Formal approach for route agility against persistent attackers. 18th European Symp on Research in Computer Security, p.237-254. [14]Jafarian JH, Al-Shaer E, Duan Q, 2015. An effective address mutation approach for disrupting reconnaissance attacks. IEEE Trans Inform Forensics Secur, 10(12):2562-2577. [15]Kewley D, Fink R, Lowry J, et al., 2001. Dynamic approaches to thwart adversary intelligence gathering. DARPA Information Survivability Conf and Exposition II, p.176-185. [16]Kindervag J, 2010. Build security into your network‘s DNA: the zero trust network architecture. Technical Report, Forrester Research. http://www.ndm.net/firewall/pdf/palo_alto/Forrester-Build-Security-Into-Your-Network.pdf [Accessed on Nov. 5, 2010]. [17]Kindervag J, 2016. No more chewy centers: the zero-trust model of information security. Technical Report, Forrester Research. http://crystaltechnologies.com/wp-content/uploads/ 2017/12/forrester-zero-trust-model-information-security.pdf [Accessed on Mar. 23, 2016]. [18]Lei C, Ma DH, Zhang HQ, et al., 2017. Network moving target defense technique based on optimal forwarding path migration. J Commun, 38(3):133-143 (in Chinese). [19]Li GL, Wu J, Li JH, et al., 2018. Service popularity-based smart resources partitioning for fog computing-enabled industrial Internet of Things. IEEE Trans Ind Inform, 14(10):4702-4711. [20]Miller KW, Voas J, Hurlburt GF, 2012. BYOD: security and privacy considerations. It Prof, 14(5):53-55. [21]Peck J, Beyer B, Beske C, et al., 2017. Migrating to BeyondCorp: maintaining productivity while improving security. Login, 42(3):49-55. [22]Sharma DP, Kim DS, Yoon S, et al., 2018. FRVM: flexible random virtual IP multiplexing in software-defined networks. 17th IEEE Int Conf on Trust, Security, and Privacy in Computing and Communications/12th IEEE Int Conf on Big Data Science and Engineering, p.579-587. [23]Talipov E, Jin DX, Jung J, et al., 2006. Path hopping based on reverse AODV for security. 9th Asia-Pacific Int Conf on Network Operations and Management: Management of Convergence Networks and Services, p.574-577. [24]Wu J, Dong MX, Ota K, et al., 2018. Big data analysis-based secure cluster management for optimized control plane in software-defined networks. IEEE Trans Netw Serv Manag, 15(1):27-38. [25]Zhou Y, Ni W, Zheng KF, et al., 2017. Scalable node-centric route mutation for defense of large-scale software-defined networks. Secur Commun Netw, 2017:4651395. Journal of Zhejiang University-SCIENCE, 38 Zheda Road, Hangzhou
310027, China
Tel: +86-571-87952783; E-mail: cjzhang@zju.edu.cn Copyright © 2000 - 2024 Journal of Zhejiang University-SCIENCE |
Open peer comments: Debate/Discuss/Question/Opinion
<1>