Moving Target Defense for Securing SCADA Communications

Vahid Heydari

Research output: Contribution to journalArticlepeer-review

18 Scopus citations


In this paper, we introduce a framework for building a secure and private peer to peer communication used in supervisory control and data acquisition networks with a novel Mobile IPv6-based moving target defense strategy. Our approach aids in combating remote cyber-attacks against peer hosts by thwarting any potential attacks at their reconnaissance stage. The IP address of each host is randomly changed at a certain interval creating a moving target to make it difficult for an attacker to find the host. At the same time, the peer host is updated through the use of the binding update procedure (standard Mobile IPv6 protocol). Compared with existing results that can incur significant packet-loss during address rotations, the proposed solution is loss-less. Improving privacy and anonymity for communicating hosts by removing permanent IP addresses from all packets is also one of the major contributions of this paper. Another contribution is preventing black hole attacks and bandwidth depletion DDoS attacks through the use of extra paths between the peer hosts. Recovering the communication after rebooting a host is also a new contribution of this paper. Lab-based simulation results are presented to demonstrate the performance of the method in action, including its overheads. The testbed experiments show zero packet-loss rate during handoff delay.

Original languageEnglish (US)
Pages (from-to)33329-33343
Number of pages15
JournalIEEE Access
StatePublished - Jun 20 2018
Externally publishedYes

All Science Journal Classification (ASJC) codes

  • General Computer Science
  • General Materials Science
  • General Engineering


Dive into the research topics of 'Moving Target Defense for Securing SCADA Communications'. Together they form a unique fingerprint.

Cite this