-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #4 from StrangeRanger/dev
- Loading branch information
Showing
5 changed files
with
13 additions
and
2 deletions.
There are no files selected for viewing
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,3 @@ | ||
| Moving Target Defense (MTD) has been hailed as a revolutionary strategy in cybersecurity that increases complexity and costs for attackers while reducing the exposure of vulnerabilities and enhancing system resilience \cite{cai2016network}. This paper introduced the \texttt{ip-shuffle} script, a robust solution for dynamically allocating random IP addresses to network interfaces, thereby impeding attackers' reconnaissance efforts. | ||
| Moving Target Defense (MTD) has been hailed as a revolutionary strategy in cybersecurity that increases complexity and costs for attackers while reducing the exposure of vulnerabilities and enhancing system resilience~\cite{cai2016introduction}. This paper introduced the \texttt{ip-shuffle} script, a robust solution for dynamically allocating random IP addresses to network interfaces, thereby impeding attackers' reconnaissance efforts. | ||
| The \texttt{ip-shuffle} script provides a systematic approach to dynamic IP address assignment through its modular design and comprehensive functionalities, including generating random IP addresses, verifying availability, and validating network configurations. By leveraging error-handling mechanisms and Unix signal responsiveness, the script ensures reliable execution and strengthens network resilience. The evaluation demonstrated the impact of \texttt{ip-shuffle} in complicating reconnaissance and lateral movement by continually altering IP addresses within a subnet, making it challenging for attackers to establish a static network view. | ||
| In future work, the potential of integrating this technique with Software Defined Networking (SDN) could offer more robust and flexible defense mechanisms. Additionally, addressing the limitations of MAC address fingerprinting and evaluating the impact on legitimate network users will further improve this Moving Target Defense strategy. Overall, the \texttt{ip-shuffle} script exemplifies proactive defense strategies that make it increasingly difficult for attackers to identify and exploit vulnerabilities. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,2 @@ | ||
| In the rapidly evolving field of cybersecurity, attackers constantly refine their reconnaissance and lateral movement techniques to compromise networked systems. Moving Target Defense (MTD) strategies have emerged as a proactive solution to complicate and thwart such attacks by introducing uncertainty and unpredictability into network operations. | ||
| In the rapidly evolving field of cybersecurity, attackers constantly refine their reconnaissance and lateral movement techniques to compromise networked systems. Moving Target Defense (MTD) strategies have emerged as a proactive solution to complicate and thwart such attacks by introducing uncertainty and unpredictability into network operations. MTD aims to render attackers' collected intelligence ineffective by dynamically altering the attack surface, such as netowrk and system configurations~\cite{8805766}. | ||
| One such MTD technique is known as IP shuffling, which involves dynamically changing the IP addresses of systems within a network to impede reconnaissance. This paper introduces the \texttt{ip-shuffle} script, a Bash-based tool that dynamically assigns random IP addresses to a computer’s network interface within a specified range, verifies its availability, and ensures proper configuration. By unpredictably rotating IP addresses within a subnet, the \texttt{ip-shuffle} script disrupts attackers’ ability to establish a static view of the network, making reconnaissance challenging. The script achieves efficient and reliable IP address assignment through distinct functions for IP address generation, availability verification, network configuration validation, and gateway reachability testing. The \texttt{ip-shuffle} script incorporates comprehensive error handling and compatibility with Linux and BSD systems to provide a basic solution for scenarios requiring dynamic IP address allocation. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.