SDN-Based IP Shuffling Moving Target Defense with Multiple SDN Controllers

Conventional SDN-based MTD techniques have been mainly developed with a single SDN controller which exposes a single point of failure as well as raises a scalability issue for large-scale networks in achieving both security and performance. The use of multiple SDN controllers has been proposed to ensure both performance and security of SDN-based MTD systems for large-scale networks; however, the effect of using multiple SDN controllers has not been investigated in the state-of-the-art research. In this paper, we propose the SDN based MTD architecture using multiple SDN controllers and validate their security effect (i.e., attack success probability) by implementing an IP shuffling MTD in a testbed using ONOS SDN controllers.