|
|
|
| An IPv6 Proactive Network Defense Model Based on Multi-homing Hopping |
| Liu Hui-sheng Wang Zhen-xing Guo Yi |
| PLA Information Science and Technology University, Zhengzhou 450002, China |
|
|
|
|
Abstract Utilized the multi-homing in IPv6, motivated by the idea of frequency hopping communications, multi- homing hopping conception is proposed which can increase the address search space and difficulty of traffic monitoring for attackers by changing the host node address in multiple address domains dynamically. An active defense model is established based on multi-homing hopping. The double random address generation algorithm is proposed which ensured the IP address of the host scattered in multiple address domains randomly. Two address handoff tactics are proposed which ensure the continuance and efficiency of communication. Host address security and traffic security are analyzed. The performance and function of the proposed model are evaluated empirically. The results show that multi-homing hopping based IPv6 proactive network defense model can effectively enhance the attacker overhead and protect the network.
|
|
Received: 19 December 2011
|
|
|
|
Corresponding Authors:
Liu Hui-sheng
E-mail: giamo@mspil.edu.cn
|
|
|
|
|
|
|
2012, Vol. 34 
