Network moving target defense technique based on collaborative mutation

Moving target defense is emerging as a research hotspot in addressing the asymmetric situation between attack and defense in cyberspace, and network mutation is one of the key technologies. In order to improve the defensive benefit brought by network mutation and ensure the service quality of network systems, a novel network moving target defense technique based on collaborative mutation is proposed. In order to maximize the defensive benefit, collaborative mutation and self-learning mutation strategy selection are proposed. In collaborative mutation, end-point mutation and routing mutation are adopted collaboratively so as to improve mutation space. Mutation strategy selection based on adversary strategy awareness is designed by using hypothesis test to self-learn malicious reconnaissance strategies, thus maximizing the unpredictability of network mutation. Then, the satisfiability modulo theories and mutation collision avoidance are used to improve availability in networks with limited resources. Satisfiability modulo theory is used to formally describe the overhead constraints of the mutation, so as to ensure the quality of service. Besides, mutation collision avoidance based on network fingerprinting is designed to eliminate mutation collision, thus improving the availability of the proposed method. Finally, theoretical and experimental analyses demonstrate that the proposed technique can effectively resist different types of malicious reconnaissance strategies and ensure low mutation overhead at the same time.