Dr. Kemal Akkaya
One of the recent paradigms to provide security is based on the idea of dynamic networks, which is referred to as moving target defense (MTD). MTD aims to provide agility and/or adaptivity to current networks in order to make it harder for the attackers to launch attacks. Since dynamicity and centralized management is utmost important in applying MTD and forensics, the emerging software-defined networking (SDN) and network function virtualization (NFV) can be an excellent technology that can be integrated with MTD and forensics systems for efficient and cost-effective operations. SDN is a key in terms of imposing network-wide policies, upgrades and state changes. This project aims to investigate the potential of SDN and NFV in addressing cybersecurity and resilience for the existing enterprise networks and provide a cost-benefit analysis for all the stakeholders involved in such research and development. In particular, DDoS attacks that aim to congest permanent links are considered. New MTD approaches subordinated with SDN will dynamically change the routes by using the generated fake virtual routes and direct traffic to internal analyzers. In addition to assessing the overhead of network state changes, we also proposed a signaling game-theoretic model for defender-attacker interaction.