Preventing SSH remote attacks using moving target defense

Vahid Heydari

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Scopus citations

Abstract

SSH authentication mechanism with a weak password and SSH software vulnerabilities are the two most important ways for remote cyber-attackers to target an SSH server. Knowing the IP address of the SSH server is the first step for these remote attacks. In this research, a new method is presented to use dynamic IP addresses on the SSH server to avoid the server being targeted for SSH attacks. The IP address of the SSH server is changed randomly and dynamically as a Moving Target Defense method to limit an attacker's time to target the server. At the same time, authenticated clients are updated through the use of the Binding Update procedure (standard Mobile IPv6 protocol). Our testbed experiments and scalability tests via simulations show low packet-loss rates that may occur due to the handoff delay.

Original languageEnglish (US)
Title of host publicationProceedings of the 13th International Conference on Cyber Warfare and Security, ICCWS 2018
EditorsJohn S. Hurley, Jim Q. Chen
PublisherAcademic Conferences and Publishing International Limited
Pages272-280
Number of pages9
ISBN (Electronic)9781911218746
StatePublished - 2018
Event13th International Conference on Cyber Warfare and Security, ICCWS 2018 - Washington, United States
Duration: Mar 8 2018Mar 9 2018

Publication series

NameProceedings of the 13th International Conference on Cyber Warfare and Security, ICCWS 2018
Volume2018-March

Other

Other13th International Conference on Cyber Warfare and Security, ICCWS 2018
Country/TerritoryUnited States
CityWashington
Period3/8/183/9/18

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Preventing SSH remote attacks using moving target defense'. Together they form a unique fingerprint.

Cite this