Title: Network security mechanisms utilising network address translation

Authors: John T. Michalski

Addresses: Networked Systems Survivability and Assurance Department, Sandia National Laboratories, Albuquerque, NM 87185, USA

Abstract: A new protocol technology is just starting to emerge from the laboratory environment. Its stated purpose is to provide a means whereby networks, and the services that reside on them, can be protected from adversarial compromise. This protocol, called Dynamic Network Address Translation (Dynat), is designed to protect computer networks against cyber attacks. Briefly, Dynat changes network parameters, such as the IP address and port numbers, between communication sessions and even during sessions. As a result, an adversary cannot associate activity on a given port of a given IP address with an application on a particular computer, thereby presenting a significant barrier to network attacks. This paper identifies the major components or attributes that are associated with the Dynat protocol and describes some of the potential implementations and associated network architectures that can deploy Dynat. It examines interoperability issues associated with Dynat's interaction with other network protocols along with its impact on standard security implementations, such as IPSec and Intrusion Detection Systems.
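As an added illustration (not the paper's code nor the Dynat implementation it describes), the following Python sketch models the translation the abstract outlines: a gateway re-derives the externally visible (IP, port) pair for each real service every epoch from a shared secret, so consecutive sessions reach the same service at different external addresses, and only a peer holding the secret can compute the current mapping. The seed, address pool and service addresses are constructed values.

```python
"""Toy model of a Dynat-style translating gateway (added illustration).
Assumption: the gateway and its trusted peers share a secret seed and a
notion of the current epoch; the real service address is hidden behind a
different external (ip, port) pair in every epoch."""
import hashlib
import hmac
import ipaddress

REAL_SERVICES = [("10.0.0.5", 22), ("10.0.0.7", 443)]   # constructed internal endpoints
POOL = ipaddress.ip_network("192.0.2.0/24")             # RFC 5737 documentation range
SEED = b"constructed-demo-seed"                          # would be a real shared secret


def external_for(real, epoch, seed=SEED, pool=POOL):
    """Derive the external (ip, port) that `real` is reachable at during `epoch`.

    Deterministic for anyone holding `seed`; unpredictable for an observer."""
    msg = f"{real[0]}:{real[1]}:{epoch}".encode()
    digest = hmac.new(seed, msg, hashlib.sha256).digest()
    hosts = list(pool.hosts())
    ip = str(hosts[int.from_bytes(digest[:4], "big") % len(hosts)])
    port = 1024 + int.from_bytes(digest[4:6], "big") % (65535 - 1024)
    return (ip, port)


class DynatGateway:
    def __init__(self, real_endpoints, seed=SEED):
        self.real_endpoints = list(real_endpoints)
        self.seed = seed

    def table(self, epoch):
        """Forward (real -> external) and reverse tables valid for one epoch."""
        fwd = {r: external_for(r, epoch, self.seed) for r in self.real_endpoints}
        rev = {ext: real for real, ext in fwd.items()}
        if len(rev) != len(fwd):
            raise RuntimeError("external address collision in this epoch")
        return fwd, rev

    def inbound(self, dst, epoch):
        """Map a packet's external destination back to the real service.

        A packet that still uses a previous epoch's mapping (stale
        reconnaissance, replay) finds no entry and is dropped (None)."""
        _, rev = self.table(epoch)
        return rev.get(dst)


if __name__ == "__main__":
    gw = DynatGateway(REAL_SERVICES)
    for epoch in (1, 2, 3):
        print(epoch, gw.table(epoch)[0])   # same services, different external pairs
```

Each epoch's table is what a cooperating host or a Dynat-aware IDS would need in order to resolve observed traffic back to a service, which is the interoperability question the abstract raises.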

Keywords: dynamic address translation; protocol obfuscation; IDS enhancement; network security; network mapping protection; cyber attack; network protocols; interoperability; network architectures; network protection; critical infrastructures.

DOI: 10.1504/IJCIS.2006.008497

International Journal of Critical Infrastructures, 2006 Vol.2 No.1, pp. 10-49

Published online: 23 Dec 2005
