TOTP Moving Target Defense for sensitive network services
Cunha , V. A.
Pervasive and Mobile Computing Vol. 74, Nº 101412, pp. 101412 - 101412, May, 2021.
ISSN (print): 1574-1192
Scimago Journal Ranking: 1,06 (in 2021)
Digital Object Identifier: 10.1016/j.pmcj.2021.101412
Download Full text PDF ( 980 KBs)
Downloaded 5 times
Edge computing is crucial for many of the new 5G business vertical use-cases, such as Industry 4.0 robots, safety-critical communications, and highly-efficient smart grids. However, the tighter integration of such impactful businesses into previously core network operations raises significant security, trustworthiness, and reliability issues. A business vertical must not compromise the Edge platform to other business verticals. Likewise, the vertical Network Services (NSs) entrusted to the Edge should not be compromisable by adversary action. Inspired by the existing Internet Services Two-Factor Authentication (2FA) systems, we propose a Moving Target Defense (MTD) mechanism that protects sensitive NSs using a port mutation akin to a seamless Time-based One-Time Password (TOTP) authentication. Our architecture leverages Software-Defined Networking (SDN) to perform the mutations, having the option of working exclusively as a Virtual Network Function (VNF) that can be instantiated on-demand, or in conjunction with OpenFlow hardware-accelerated switches for smarter resource usage. The straightforward Proof-of-Concept implementation showed the approach was viable, with good forwarding plane performance (exceeding the current Network Interface Controllers capabilities), and effective at stopping the unauthorized interactions with the NS being protected. Because the TOTP approach depends on time and there is commonly occurring jitter (e.g., network), the Threat Detection must make a trade-off between minimizing false-positives (too many alarms) and having false-negatives (attempts that go unreported). We have struck a balance that reduces the probability of a rogue probe reaching the NS to nearly 0.0045%, while the probability of stopping an attack but not generating the alarm is approximately 2%. Future work, such as adaptive delay compensation or the use of AI/ML, may further improve the effectiveness of the solution.