A cost-effective shuffling method against DDoS attacks using Moving Target Defense
Moving Target Defense (MTD) has emerged as a good solution to alter the asymmetric situation of attacks and defenses, and shuffling-based moving target defense has been regarded as one of the most effective ways to mitigate DDoS attacks. However, previous work did not notice that frequent shuffles will significantly intensify the overhead. The MTD technique requires a quantitative measure to compare the cost and effectiveness of available adaptations and explore the best trade-off between them. In this paper, therefore, we propose a novel cost-effective shuffling method against DDoS attacks using MTD. By exploiting Multi-Objective Markov Decision Processes to model the interaction between the attacker and the defender and designing a cost-effective shuffling algorithm, we study the best trade-off between the effectiveness and cost of shuffling in a given shuffling scenario. Finally, simulation and experiment on an experimental SDN network indicate that our approach imposes an acceptable shuffling overload and has a good effect on resisting DDoS attacks.