Moving Target Defense

Moving Target Defense

Docket: UAH-P-16016, 16017, 16018, 16019, 16020

Technology

Cyber-attacks on critical infrastructure could be catastrophic. Health care, finance, and defense are just three areas where prolonged power interruption could prove disastrous. This makes industrial system security one of the most important areas of information security.

Remote attackers can initiate an attack from anywhere on the globe. The first step in a typical attack is to do reconnaissance on the target, identifying needed information about the target. One of the most critical pieces of information in this step is the target’s IP address. Static IP addresses can help attackers by being easily discoverable and by remaining connected statically for long periods of time, making the targets “sitting ducks.” An effective defense mechanism is to change the IP addresses randomly and dynamically.

Researchers at UAH have developed a Moving Target Mobile IPv6 Defense (MTM6D) to dynamically alter the IP addresses of critical infrastructure servers. Using the latest Mobile IPv6 IETF standard, the MTM6D would essentially mask the web identity of a critical industrial member, securing it from potential cyber-attacks. The MTM6D would eliminate packet loss due to address collision and would feature a binding update mechanism to inform correspondent nodes of the varying dynamic IP addresses.

Applications

  • Critical infrastructures
  • VPNs
  • Aircraft avionic systems
  • Anti-censorship frameworks

Advantages

  • Mitigates packet loss due to address collision
  • Dynamic IP address rotation intervals
  • Hides permanent IP (home address) and uses temporary IP for node connections
  • Changes temporary IP dynamically without dropping any packet

Status

  • State of Development: Proof of concept
  • Licensing Status: Available for licensing
  • Patent Status: Proprietary