acm-header
Sign In

Communications of the ACM

ACM Careers

Research Enhances Cybersecurity via Rapid Ip Address Change


View as: Print Mobile App Share:
IPv6 illustration

Credit: iStockPhoto.com

Research exploiting the abundance of addresses available in the new Internet Protocol version 6 (IPv6) to enhance cybersecurity by changing a networked device's IP address repeatedly at a very fast pace recently won recognition at the 11th International Conference on Cyber Warfare and Security (ICCWS) in Boston.

"Preventing Remote Cyber Attacks against Aircraft Avionics Systems" relies on a concept called moving target defense that moves an IP address around rapidly to avoid it being found by an attacker. The research was named the best poster at the 11th ICCWS. 

"Receiving the best poster award means we are exactly on the right track and have a lot of work to do on this topic," says author Vahid Heydari, a computer engineering doctoral student at The University of Alabama in Huntsville (UAH), who presented his research at the conference.

The research exploits the abundance of addresses available in IPv6 to change a networked device's IP address repeatedly at a very fast pace. The concept, called moving target defense, moves an IP address around rapidly to avoid it being found by an attacker.

"IP connectivity is increasingly used in aircraft systems, creating the possibility that unauthorized individuals might access and compromise aircraft avionics systems," says Heydari. "I am working on a Moving Target Mobile IPv6 Defense [MTM6D] that changes the IP addresses randomly and dynamically to prevent remote attacks in the reconnaissance step. Because it uses dynamic IP addresses, it will be very hard for attackers to target a system."

Applications for MTM6D include critical infrastructure networks, aircraft avionics systems, uninterruptible autopilot systems, and anti-censorship systems.

"Fortunately, I found a lot of interest in this topic in the conference," Heydari says. "According to the feedback, this method can increase the security of aircraft and prevent cyber-attacks. Adding this method to aircraft avionics systems can open an avenue for the uninterruptible autopilot system to prevent events like the 9/11 attacks, Malaysia Airlines Flight 370 crash, or the Germanwings Flight 9525 crash."

Heydari attended seven presentations that focused on moving target defenses. "I talked with all of them and obtained some valuable comments for my future work," he says.

"His research proposes a possibility to prevent remote cyber-attacks against undisclosed computer application vulnerabilities, while current technology — such as firewalls or intrusion detection systems — can prevent the attacks only against known vulnerability exploits," says Seong-Moo (Sam) Yoo, associate professor of electrical and computer engineering and Heydari's advisor. "His research could be applied to protect national critical infrastructure networks."

Many researchers and government agencies are interested in moving target defense, says Tommy Morris, director of UAH's Center for Cybersecurity Research and Education.

"Vahid has found a way to use standardized IP version 6 protocol techniques to achieve an effective moving target defense," Morris says. "Vahid's poster was about using moving target defense to defend an avionics system — that is just one of many applicable areas. Moving target defense is useful for industrial control systems, personal computers, servers, the Internet of things, and in many other domains."

The cybersecurity field is broad and there's room for a lot more innovative research at UAH, Heydari says.

"Cyber-attacks are the biggest threats for new technologies and we have expert faculty in this field who can advise students," he says.


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account