Services on the public Internet are frequently scanned, then subject to brute-force password attempts and Denial-of-Service (DoS) attacks. We would like to run such services stealthily, where they are available to friends but hidden from adversaries. In this work, we propose a discovery-resistant moving target defense named “Chhoyhopper” that utilizes the vast IPv6 address space to conceal publicly available services. The client meets the server at an IPv6 address that changes in a pattern based on a shared, pre-distributed secret and the time of day. By hopping over a /64 prefix, services cannot be found by active scanners, and passively observed information is useless after two minutes. We demonstrate our system with the two important applications—SSH and HTTPS, and make our system publicly available.
Chhoyhopper: A Moving Target Defense with IPv6
A S M Rizvi (University of Southern California/Information Sciences Institute) and John Heidemann (University of Southern California/Information Sciences Institute)
View More Papers
Generation of CAN-based Wheel Lockup Attacks on the Dynamics...
Alireza Mohammadi (University of Michigan-Dearborn), Hafiz Malik (University of Michigan-Dearborn) and Masoud Abbaszadeh (GE Global Research)
Read MoreFedCRI: Federated Mobile Cyber-Risk Intelligence
Hossein Fereidooni (Technical University of Darmstadt), Alexandra Dmitrienko (University of Wuerzburg), Phillip Rieger (Technical University of Darmstadt), Markus Miettinen (Technical...
Read MoreFuzzing Configurations of Program Options
Zenong Zhang (University of Texas at Dallas), George Klees (University of Maryland), Eric Wang (Poolesville High School), Michael Hicks (University...
Read MoreMobFuzz: Adaptive Multi-objective Optimization in Gray-box Fuzzing
Gen Zhang (National University of Defense Technology), Pengfei Wang (National University of Defense Technology), Tai Yue (National University of Defense...
Read More