{"id":1845,"date":"2022-03-16T08:39:00","date_gmt":"2022-03-16T15:39:00","guid":{"rendered":"https:\/\/ant.isi.edu\/blog\/?p=1845"},"modified":"2022-03-15T11:13:57","modified_gmt":"2022-03-15T18:13:57","slug":"new-paper-chhoyhopper-a-moving-target-defense-with-ipv6-at-ndss-madweb-workshop-2022","status":"publish","type":"post","link":"https:\/\/ant.isi.edu\/blog\/?p=1845","title":{"rendered":"new paper \u201cChhoyhopper: A Moving Target Defense with IPv6\u201d at NDSS MADWeb Workshop 2022"},"content":{"rendered":"\n<p>On April 24, 2022 we will publish a new paper titled &#8220;<strong><a href=\"https:\/\/www.isi.edu\/~johnh\/PAPERS\/Rizvi22b.html\">Chhoyhopper<\/a>: A Moving Target Defense with IPv6<\/strong>&#8221; by A S M Rizvi and John Heidemann at the 4th Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb 2022), co-located with NDSS. We provide <a href=\"https:\/\/ant.isi.edu\/software\/chhoyhopper\/index.html\">Chhoyhopper as an open-source tool<\/a> for SSH and HTTPS&#8212;try it out!<\/p>\n\n\n\n<p>From the abstract:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Services on the public Internet are frequently scanned, then subject to brute-force password attempts and Denial-of-Service (DoS) attacks. We would like to run such services stealthily, where they are available to friends but hidden from adversaries. In this work, we propose a discovery-resistant moving target defense named \u201cChhoyhopper\u201d that utilizes the vast IPv6 address space to conceal publicly available services. The client meets the server at an IPv6 address that changes in a pattern based on a shared, pre-distributed secret and the time of day. By hopping over a \/64 prefix, services cannot be found by active scanners, and passively observed information is useless after two minutes. We demonstrate our system with the two important applications\u2014SSH and HTTPS, and make our system publicly available.<\/p><\/blockquote>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/ant.isi.edu\/blog\/wp-content\/uploads\/2022\/03\/chhoyhopper-design.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"572\" src=\"https:\/\/ant.isi.edu\/blog\/wp-content\/uploads\/2022\/03\/chhoyhopper-design-1024x572.png\" alt=\"\" class=\"wp-image-1847\" srcset=\"https:\/\/ant.isi.edu\/blog\/wp-content\/uploads\/2022\/03\/chhoyhopper-design-1024x572.png 1024w, https:\/\/ant.isi.edu\/blog\/wp-content\/uploads\/2022\/03\/chhoyhopper-design-300x168.png 300w, https:\/\/ant.isi.edu\/blog\/wp-content\/uploads\/2022\/03\/chhoyhopper-design-768x429.png 768w, https:\/\/ant.isi.edu\/blog\/wp-content\/uploads\/2022\/03\/chhoyhopper-design-1536x858.png 1536w, https:\/\/ant.isi.edu\/blog\/wp-content\/uploads\/2022\/03\/chhoyhopper-design-2048x1144.png 2048w, https:\/\/ant.isi.edu\/blog\/wp-content\/uploads\/2022\/03\/chhoyhopper-design-1200x670.png 1200w, https:\/\/ant.isi.edu\/blog\/wp-content\/uploads\/2022\/03\/chhoyhopper-design-1980x1106.png 1980w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption>Client and server interaction in Chhoyhopper. A Client with the right secret key can only get access into the system.<\/figcaption><\/figure>\n\n\n\n<p>Thanks:   A S M Rizvi and John Heidemann\u2019s work on this paper is supported, in part, by the DHS HSARPA Cyber Security Division via contract number HSHQDC-17-R-B0004-TTA.02-0006-I (PAADDoS), and by DARPA under Contract No. HR001120C0157 (SABRES). Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of NSF or DARPA. We thank Rayner Pais who prototyped an early version of Chhoyhopper and version in IPv4 hopping over ports.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On April 24, 2022 we will publish a new paper titled &#8220;Chhoyhopper: A Moving Target Defense with IPv6&#8221; by A S M Rizvi and John Heidemann at the 4th Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb 2022), co-located with NDSS. We provide Chhoyhopper as an open-source tool for SSH and HTTPS&#8212;try it [&hellip;]<\/p>\n","protected":false},"author":998,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[278,284,282,162],"tags":[141,126,339,63,343,340,58,341,225,5,336,342,92,57,344],"class_list":["post-1845","post","type-post","status-publish","format-standard","hentry","category-internet","category-papers-publications","category-publications","category-software-releases","tag-ant","tag-browser-extension","tag-ddidd","tag-dns","tag-https","tag-ipv6","tag-isi","tag-moving-target-2","tag-paaddos","tag-papers","tag-sabres","tag-ssh","tag-tls","tag-usc","tag-workshops"],"_links":{"self":[{"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1845","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/users\/998"}],"replies":[{"embeddable":true,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1845"}],"version-history":[{"count":3,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1845\/revisions"}],"predecessor-version":[{"id":1852,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1845\/revisions\/1852"}],"wp:attachment":[{"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ant.isi.edu\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}