The purpose of this paper is to improve the effectiveness of the Moving Target Defense (MTD)-based protection method, which reduces the problem of using traditional network protection tools due to the static nature of network services and configurations. Options for solving the problems of choosing an adequate time interval for activating the technology of MTD and its application in networks are given. A new approach is proposed, which consists in creating a set of system configurations and changing it when an attack is detected and determined. The design implementation was tested on a network model using software defined networks (SDN). The advantages of the proposed method are highlighted, among which the most significant are: simple operation scheme, ability to deploy the system without the use of software-defined networks and absence of violations of security policies within the system.
Loading....