Vol. 11, No. 1, January 29, 2017
10.3837/tiis.2017.01.026,
Download Paper (Free):
Abstract
Network security is rapidly developing, but so are attack methods. Network worms are one of the most widely used attack methods and have are able to propagate quickly. As an active defense approach to network worms, the honeynet technique has long been limited by the closed architecture of traditional network devices. In this paper, we propose a closed loop defense system of worms based on a Software-Defined Networking (SDN) technology, called Worm-Hunter. The flexibility of SDN in network building is introduced to structure the network infrastructures of Worm-Hunter. By using well-designed flow tables, Worm-Hunter is able to easily deploy different honeynet systems with different network structures and dynamically. When anomalous traffic is detected by the analyzer in Worm-Hunter, it can be redirected into the honeynet and then safely analyzed. Throughout the process, attackers will not be aware that they are caught, and all of the attack behavior is recorded in the system for further analysis. Finally, we verify the system via experiments. The experiments show that Worm-Hunter is able to build multiple honeynet systems on one physical platform. Meanwhile, all of the honeynet systems with the same topology operate without interference.
Statistics
Show / Hide Statistics
Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.
Cite this article
[IEEE Style]
Y. Hu, K. Zheng, X. Wang, Y. Yang, "WORM-HUNTER: A Worm Guard System using Software-defined Networking," KSII Transactions on Internet and Information Systems, vol. 11, no. 1, pp. 484-510, 2017. DOI: 10.3837/tiis.2017.01.026.
[ACM Style]
Yixun Hu, Kangfeng Zheng, Xu Wang, and Yixian Yang. 2017. WORM-HUNTER: A Worm Guard System using Software-defined Networking. KSII Transactions on Internet and Information Systems, 11, 1, (2017), 484-510. DOI: 10.3837/tiis.2017.01.026.
[BibTeX Style]
@article{tiis:21342, title="WORM-HUNTER: A Worm Guard System using Software-defined Networking", author="Yixun Hu and Kangfeng Zheng and Xu Wang and Yixian Yang and ", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2017.01.026}, volume={11}, number={1}, year="2017", month={January}, pages={484-510}}