{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T15:31:41Z","timestamp":1772724701926,"version":"3.50.1"},"reference-count":47,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2024,11,7]],"date-time":"2024-11-07T00:00:00Z","timestamp":1730937600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,11,7]],"date-time":"2024-11-07T00:00:00Z","timestamp":1730937600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61861013"],"award-info":[{"award-number":["61861013"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100013091","name":"Science and Technology Major Project of Guangxi","doi-asserted-by":"crossref","award":["AA18118031"],"award-info":[{"award-number":["AA18118031"]}],"id":[{"id":"10.13039\/501100013091","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/100012547","name":"Natural Science Foundation of Guangxi Zhuang Autonomous Region","doi-asserted-by":"publisher","award":["2018GXNSFAA281318"],"award-info":[{"award-number":["2018GXNSFAA281318"]}],"id":[{"id":"10.13039\/100012547","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"<jats:title>Abstract<\/jats:title><jats:p>The integration of Software-Defined Networking (SDN) in storage centers aims to enhance storage performance. However, this integration also introduces new concerns, particularly the potential eavesdropping attacks that pose a substantial risk to data privacy. By issuing flow tables (e.g., via compromised SDN switches), attackers can conveniently collect target traffic and extract confidential information with session reassembly methods. To proactively mitigate such attacks by preventing session reassembly, various moving target defense methods, such as end hopping, have been proposed. However, this study uncovers several deficiencies within existing end hopping methods. To address these deficiencies, we propose a novel linkage-field-based self-synchronizing end hopping method, which obfuscates end information (e.g., IP, Port) and linkage fields (e.g., sequence number and ID number) without third-party assistance. Furthermore, to counter the potential invalidation of end hopping methods resulting from brute-force reassembly of a small number of sessions, we propose a fake segment injection method. Extensive experiments have been conducted both in simulation and real-world environment to evaluate the effectiveness of our proposed methods. The results demonstrate that our proposed methods can effectively defend against eavesdropping attacks with acceptable performance overhead.<\/jats:p>","DOI":"10.1186\/s42400-024-00255-3","type":"journal-article","created":{"date-parts":[[2024,11,7]],"date-time":"2024-11-07T01:01:53Z","timestamp":1730941313000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A proactive defense method against eavesdropping attack in SDN-based storage environment"],"prefix":"10.1186","volume":"7","author":[{"given":"Yuming","family":"Liu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yong","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hao","family":"Feng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,11,7]]},"reference":[{"issue":"4","key":"255_CR1","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1109\/MCOM.2015.7081073","volume":"53","author":"A Akhunzada","year":"2015","unstructured":"Akhunzada A, Ahmed E, Gani A, Khan MK, Imran M, Guizani S (2015) Securing software defined networks: taxonomy, requirements, and open issues. IEEE Commun Mag 53(4):36\u201344","journal-title":"IEEE Commun Mag"},{"key":"255_CR2","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1016\/j.jnca.2016.01.008","volume":"62","author":"S Alneyadi","year":"2016","unstructured":"Alneyadi S, Sithirasenan E, Muthukkumarasamy V (2016) A survey on data leakage prevention systems. J Netw Comput Appl 62:137\u2013152","journal-title":"J Netw Comput Appl"},{"key":"255_CR3","doi-asserted-by":"crossref","unstructured":"Aseeri A, Netjinda N, Hewett R (2017) Alleviating eavesdropping attacks in software-defined networking data plane. In: Proceedings of the 12th annual conference on cyber and information security research, pp 1\u20138","DOI":"10.1145\/3064814.3064832"},{"key":"255_CR4","unstructured":"Axboe J (2024) FIO. https:\/\/github.com\/axboe\/fio\/"},{"issue":"17","key":"255_CR5","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRevLett.88.174102","volume":"88","author":"C Bandt","year":"2002","unstructured":"Bandt C, Pompe B (2002) Permutation entropy: a natural complexity measure for time series. Phys Rev Lett 88(17):174102","journal-title":"Phys Rev Lett"},{"key":"255_CR6","unstructured":"Beham A (2024) SimSharp. https:\/\/github.com\/heal-research\/SimSharp\/"},{"key":"255_CR7","unstructured":"Benson T (2024) UNI1. https:\/\/pages.cs.wisc.edu\/~tbenson\/IMC10_Data.html"},{"key":"255_CR8","unstructured":"Biondi P (2024) Scapy\u00a0community: Scapy. https:\/\/scapy.net\/"},{"issue":"1","key":"255_CR9","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1109\/TNSM.2018.2889842","volume":"16","author":"S-Y Chang","year":"2018","unstructured":"Chang S-Y, Park Y, Babu BBA (2018) Fast IP hopping randomization to secure hop-by-hop access in SDN. IEEE Trans Netw Serv Manag 16(1):308\u2013320","journal-title":"IEEE Trans Netw Serv Manag"},{"issue":"6","key":"255_CR10","first-page":"139","volume":"41","author":"FC Chen","year":"2020","unstructured":"Chen FC, He WZ, Cheng GZ et al (2020) Design of key technologies for intranet dynamic gateway based on DPDK. J Commun 41(6):139\u2013151","journal-title":"J Commun"},{"issue":"1","key":"255_CR11","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1109\/TDSC.2018.2882825","volume":"18","author":"W Connell","year":"2018","unstructured":"Connell W, Menasce DA, Albanese M (2018) Performance modeling of moving target defenses with reconfiguration limits. IEEE Trans Depend Secure Comput 18(1):205\u2013219","journal-title":"IEEE Trans Depend Secure Comput"},{"key":"255_CR12","doi-asserted-by":"publisher","DOI":"10.1016\/j.pmcj.2021.101412","volume":"74","author":"VA Cunha","year":"2021","unstructured":"Cunha VA, Corujo D, Barraca JP, Aguiar RL (2021) TOTP moving target defense for sensitive network services. Pervasive Mob Comput 74:101412","journal-title":"Pervasive Mob Comput"},{"key":"255_CR13","unstructured":"Datta T, Feamster N, Rexford J, Wang L (2019) Spine: surveillance protection in the network elements. In: 9th USENIX workshop on free and open communications on the internet (FOCI 19)"},{"issue":"5","key":"255_CR14","doi-asserted-by":"publisher","first-page":"2172","DOI":"10.1109\/TIM.2019.2918597","volume":"69","author":"C DeCusatis","year":"2019","unstructured":"DeCusatis C, Lynch RM, Kluge W, Houston J, Wojciak PA, Guendert S (2019) Impact of cyberattacks on precision time protocol. IEEE Trans Instrum Meas 69(5):2172\u20132181","journal-title":"IEEE Trans Instrum Meas"},{"key":"255_CR15","unstructured":"Diamond S (2024) CVXPY\u00a0community: CVXPY. https:\/\/www.cvxpy.org\/"},{"key":"255_CR16","doi-asserted-by":"crossref","unstructured":"Duan Q, Al-Shaer E, Jafarian H (2013) Efficient random route mutation considering flow and network constraints. In: 2013 IEEE conference on communications and network security (CNS). IEEE, pp 260\u2013268","DOI":"10.1109\/CNS.2013.6682715"},{"issue":"18","key":"255_CR17","doi-asserted-by":"publisher","first-page":"16908","DOI":"10.1109\/JIOT.2022.3144971","volume":"9","author":"Y Fan","year":"2022","unstructured":"Fan Y, Wu G, Li K-C, Castiglione A (2022) Robust end hopping for secure satellite communication in moving target defense. IEEE Internet Things J 9(18):16908\u201316916","journal-title":"IEEE Internet Things J"},{"key":"255_CR18","unstructured":"Govil Y, Wang L, Rexford J (2020) MIMIQ: masking IPs with migration in QUIC. In: 10th USENIX workshop on free and open communications on the internet (FOCI 20)"},{"key":"255_CR19","doi-asserted-by":"publisher","first-page":"149255","DOI":"10.1109\/ACCESS.2020.3016076","volume":"8","author":"M Gregorczyk","year":"2020","unstructured":"Gregorczyk M, \u017b\u00f3rawski P, Nowakowski P, Cabaj K, Mazurczyk W (2020) Sniffing detection based on network traffic probing and machine learning. IEEE Access 8:149255\u2013149269","journal-title":"IEEE Access"},{"key":"255_CR20","doi-asserted-by":"crossref","unstructured":"Gudu D, Hardt M, Streit A (2014) Evaluating the performance and scalability of the Ceph distributed storage system. In: 2014 IEEE international conference on big data (Big Data). IEEE, pp 177\u2013182","DOI":"10.1109\/BigData.2014.7004229"},{"key":"255_CR21","doi-asserted-by":"crossref","unstructured":"Guillen L, Izumi S, Abe T, Suganuma T, Muraoka H (2018) SDN-based hybrid server and link load balancing in multipath distributed storage systems. In: NOMS 2018-2018 IEEE\/IFIP network operations and management symposium. IEEE, pp 1\u20136","DOI":"10.1109\/NOMS.2018.8406286"},{"key":"255_CR22","doi-asserted-by":"crossref","unstructured":"Handley M, Raiciu C, Agache A, Voinescu A, Moore AW, Antichi G, W\u00f3jcik M (2017) Re-architecting datacenter networks and stacks for low latency and high performance. In: Proceedings of the conference of the ACM special interest group on data communication, pp 29\u201342","DOI":"10.1145\/3098822.3098825"},{"key":"255_CR23","doi-asserted-by":"crossref","unstructured":"Jafarian JH, Al-Shaer E, Duan Q (2012) Openflow random host mutation: transparent moving target defense using software defined networking. In: Proceedings of the first workshop on hot topics in software defined networks, pp 127\u2013132","DOI":"10.1145\/2342441.2342467"},{"key":"255_CR24","doi-asserted-by":"crossref","unstructured":"Jafarian JHH, Al-Shaer E, Duan Q (2014) Spatio-temporal address mutation for proactive cyber agility against sophisticated attackers. In: Proceedings of the first ACM workshop on moving target defense, pp 69\u201378","DOI":"10.1145\/2663474.2663483"},{"key":"255_CR25","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102958","volume":"124","author":"JH Jafarian","year":"2023","unstructured":"Jafarian JH, Niakanlahiji A (2023) MultiRHM: defeating multi-staged enterprise intrusion attacks through multi-dimensional and multi-parameter host identity anonymization. Comput Secur 124:102958","journal-title":"Comput Secur"},{"issue":"1","key":"255_CR26","first-page":"9","volume":"9","author":"AN Khan","year":"2012","unstructured":"Khan AN, Qureshi K, Khan S (2012) An intelligent approach of sniffer detection. Int Arab J Inf Technol 9(1):9\u201315","journal-title":"Int Arab J Inf Technol"},{"key":"255_CR27","doi-asserted-by":"crossref","unstructured":"Kher V, Kim Y (2005) Securing distributed storage: challenges, techniques, and systems. In: Proceedings of the 2005 ACM workshop on storage security and survivability, pp 9\u201325","DOI":"10.1145\/1103780.1103783"},{"issue":"8","key":"255_CR28","doi-asserted-by":"publisher","first-page":"6578","DOI":"10.1109\/JIOT.2020.3048842","volume":"8","author":"G Liu","year":"2021","unstructured":"Liu G, Quan W, Cheng N, Gao D, Lu N, Zhang H, Shen X (2021) Softwarized IoT network immunity against eavesdropping with programmable data planes. IEEE Internet Things J 8(8):6578\u20136590","journal-title":"IEEE Internet Things J"},{"issue":"3","key":"255_CR29","doi-asserted-by":"publisher","first-page":"496","DOI":"10.1587\/transinf.2016EDP7304","volume":"100","author":"Y-B Luo","year":"2017","unstructured":"Luo Y-B, Wang B-S, Wang X-F, Zhang B-F, Hu W (2017) RPAH: a moving target network defense mechanism naturally resists reconnaissances and attacks. IEICE Trans Inf Syst 100(3):496\u2013510","journal-title":"IEICE Trans Inf Syst"},{"issue":"5","key":"255_CR30","doi-asserted-by":"publisher","first-page":"719","DOI":"10.1631\/FITEE.1601548","volume":"18","author":"Y-B Luo","year":"2017","unstructured":"Luo Y-B, Wang B-S, Wang X-F, Zhang B-f (2017) A keyed-hashing based self-synchronization mechanism for port address hopping communication. Front Inf Technol Electron Eng 18(5):719\u2013728","journal-title":"Front Inf Technol Electron Eng"},{"key":"255_CR31","doi-asserted-by":"crossref","unstructured":"MacFarland DC, Shue CA (2015) The SDN shuffle: creating a moving-target defense using host-based software-defined networking. In: Proceedings of the second ACM workshop on moving target defense, pp 37\u201341","DOI":"10.1145\/2808475.2808485"},{"key":"255_CR32","doi-asserted-by":"crossref","unstructured":"Ma T, Xu C, Yang S, Huang Y, An Q, Kuang X, Grieco LA (2023) A mutation-enabled proactive defense against service-oriented man-in-the-middle attack in kubernetes. IEEE Trans Comput","DOI":"10.1109\/TC.2023.3238125"},{"key":"255_CR33","unstructured":"Moghaddam HM, Mosenia A (2019) Anonymizing masses: practical light-weight anonymity at the network level. arXiv preprint arXiv:1911.09642"},{"key":"255_CR34","unstructured":"Pfitzmann A, Hansen M (2005) Anonymity, unlinkability, unobservability, pseudonymity, and identity management\u2014a consolidated proposal for terminology"},{"key":"255_CR35","doi-asserted-by":"crossref","unstructured":"Saha S, Morrison C, Sprintson A (2017) StorageFlow: SDN-enabled efficient data regeneration for distributed storage systems. In: 2017 IEEE conference on computer communications workshops (INFOCOM WKSHPS). IEEE, pp 187\u2013192","DOI":"10.1109\/INFCOMW.2017.8116374"},{"key":"255_CR36","doi-asserted-by":"crossref","unstructured":"Skowyra R, Bauer K, Dedhia V, Okhravi H (2016) Have no PHEAR: networks without identifiers. In: Proceedings of the 2016 ACM workshop on moving target defense, pp 3\u201314","DOI":"10.1145\/2995272.2995276"},{"key":"255_CR37","doi-asserted-by":"crossref","unstructured":"Trabelsi Z, Rahmani H, Kaouech K, Frikha M (2004) Malicious sniffing systems detection platform. In: Proceedings of the 2004 international symposium on applications and the internet. IEEE, pp 201\u2013207","DOI":"10.1109\/SAINT.2004.1266117"},{"issue":"7","key":"255_CR38","doi-asserted-by":"publisher","first-page":"2355","DOI":"10.3390\/s21072355","volume":"21","author":"P Wang","year":"2021","unstructured":"Wang P, Zhou M, Ding Z (2021) A two-layer IP hopping-based moving target defense approach to enhancing the security of mobile ad-hoc networks. Sensors 21(7):2355","journal-title":"Sensors"},{"key":"255_CR39","doi-asserted-by":"crossref","unstructured":"Wang Y, Yi J, Guo J, Qiao Y, Qi M, Chen Q (2018) A semistructured random identifier protocol for anonymous communication in SDN network. Secur Commun Netw 2018","DOI":"10.1155\/2018\/2916356"},{"key":"255_CR40","doi-asserted-by":"crossref","unstructured":"Xiong X, Ma L, Cui C (2019) Simulation environment of evaluation and optimization for moving target defense: a SimPy approach. In: Proceedings of the 2019 the 9th international conference on communication and network security, pp 114\u2013117","DOI":"10.1145\/3371676.3371692"},{"issue":"17","key":"255_CR41","doi-asserted-by":"publisher","first-page":"13528","DOI":"10.1109\/JIOT.2021.3065680","volume":"8","author":"C Xu","year":"2021","unstructured":"Xu C, Zhang T, Kuang X, Zhou Z, Yu S (2021) Context-aware adaptive route mutation scheme: a reinforcement learning approach. IEEE Internet Things J 8(17):13528\u201313541","journal-title":"IEEE Internet Things J"},{"key":"255_CR42","doi-asserted-by":"crossref","unstructured":"Xu X, Hu H, Liu Y, Tan J, Zhang H, Song H (2022) Moving target defense of routing randomization with deep reinforcement learning against eavesdropping attack. Digit Commun Netw","DOI":"10.1016\/j.dcan.2022.01.003"},{"issue":"6","key":"255_CR43","doi-asserted-by":"publisher","first-page":"2793","DOI":"10.1109\/TNET.2021.3099717","volume":"29","author":"M Yu","year":"2021","unstructured":"Yu M, Xie T, He T, McDaniel P, Burke QK (2021) Flow table security in SDN: adversarial reconnaissance and intelligent attacks. IEEE\/ACM Trans Netw 29(6):2793\u20132806","journal-title":"IEEE\/ACM Trans Netw"},{"key":"255_CR44","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1016\/j.cose.2017.05.007","volume":"70","author":"H Zhang","year":"2017","unstructured":"Zhang H, Lei C, Chang D, Yang Y (2017) Network moving target defense technique based on collaborative mutation. Comput Secur 70:51\u201371","journal-title":"Comput Secur"},{"key":"255_CR45","doi-asserted-by":"crossref","unstructured":"Zhang T, Kuang X, Zhou Z, Gao H, Xu C (2019) An intelligent route mutation mechanism against mixed attack based on security awareness. In: 2019 IEEE global communications conference (GLOBECOM). IEEE, pp 1\u20136","DOI":"10.1109\/GLOBECOM38437.2019.9014119"},{"key":"255_CR46","doi-asserted-by":"crossref","unstructured":"Zhao Z, Gong D, Lu B, Liu F, Zhang C (2016) SDN-based double hopping communication against sniffer attack. Math Probl Eng 2016","DOI":"10.1155\/2016\/8927169"},{"key":"255_CR47","doi-asserted-by":"crossref","unstructured":"Zhou C, Quan W, Gao D, Liu Z, Yu C, Liu M, Xu Z (2021) AMS: adaptive multipath scheduling mechanism against eavesdropping attacks with programmable data planes. In: 2021 IEEE 5th advanced information technology, electronic and automation control conference (IAEAC). IEEE, vol 5, pp 2357\u20132361","DOI":"10.1109\/IAEAC50856.2021.9390985"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-024-00255-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-024-00255-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-024-00255-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,7]],"date-time":"2024-11-07T01:02:53Z","timestamp":1730941373000},"score":1,"resource":{"primary":{"URL":"https:\/\/cybersecurity.springeropen.com\/articles\/10.1186\/s42400-024-00255-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,7]]},"references-count":47,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2024,12]]}},"alternative-id":["255"],"URL":"https:\/\/doi.org\/10.1186\/s42400-024-00255-3","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,11,7]]},"assertion":[{"value":"17 October 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 May 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"7 November 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no Conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"58"}}