{"id":5522,"date":"2025-04-29T22:02:49","date_gmt":"2025-04-29T13:02:49","guid":{"rendered":"https:\/\/saraheee.com\/?p=5522"},"modified":"2025-04-29T22:02:52","modified_gmt":"2025-04-29T13:02:52","slug":"review24-low-delay-network-attributes-randomization-to-proactively-mitigate-reconnaissance-attacks-in-industrial-control-systems_2023","status":"publish","type":"post","link":"https:\/\/saraheee.com\/ko\/2025\/04\/review24-low-delay-network-attributes-randomization-to-proactively-mitigate-reconnaissance-attacks-in-industrial-control-systems_2023\/","title":{"rendered":"[review#24] Low delay network attributes randomization to proactively mitigate reconnaissance attacks in industrial control systems_2023"},"content":{"rendered":"

1. Introduction<\/h3>\n\n\n\n

\uc0b0\uc5c5 \uc81c\uc5b4 \uc2dc\uc2a4\ud15c(Industrial Control Systems, ICS)\uc740 \uc0b0\uc5c5 \uacf5\uc815\uc744 \ubaa8\ub2c8\ud130\ub9c1\ud558\uace0 \uc81c\uc5b4\ud558\ub294 \ub370 \uc0ac\uc6a9\ub418\ub294 \uc5ec\ub7ec \ud2b9\uc218 \uc694\uc18c\ub97c \ud3ec\uad04\ud558\ub294 \uc77c\ubc18\uc801\uc778 \uc6a9\uc5b4\uc774\ub2e4.
ICS\ub294 \ubb3c\ub9ac\uc801 \uc7a5\uce58\uc640 \ud504\ub85c\uc138\uc2a4\ub97c \uc81c\uc5b4\ud558\uace0 \ubaa8\ub2c8\ud130\ub9c1\ud558\uae30 \uc704\ud55c \uac83\uc774\ub2e4.<\/p>\n\n\n\n

\uc0b0\uc5c5\uc6a9 \ub124\ud2b8\uc6cc\ud06c \ud1a0\ud3f4\ub85c\uc9c0\ub294 \uc77c\ubc18\uc801\uc73c\ub85c \uc815\uc801\uc774\uba70, \uc81c\uc5b4 \ud2b8\ub798\ud53d\uc740 \ub300\ubd80\ubd84 \uc790\ub3d9\ud654\ub41c \ud504\ub85c\uc138\uc2a4\uc5d0 \uc758\ud574 \uc0dd\uc131\ub418\uae30 \ub54c\ubb38\uc5d0 \ubcf8\uc9c8\uc801\uc73c\ub85c \ubc18\ubcf5\uc801\uc774\uace0 \uc608\uce21 \uac00\ub2a5\ud558\ub2e4. \uc0b0\uc5c5 \ub124\ud2b8\uc6cc\ud06c\uc758 \uc774\ub7ec\ud55c \uc815\uc801\uc778 \ud2b9\uc131\uc740 \uacf5\uaca9\uc790\uc5d0\uac8c \uc720\ub9ac\ud55c \uc2dc\ub098\ub9ac\uc624\uc774\uba70, \uacf5\uaca9\uc744 \uc2dc\uc791\ud558\uae30 \uc804\uc5d0 \ucde8\uc57d\uc810\uc744 \ud0d0\uc0c9\ud560 \uc218 \uc788\ub2e4. \uc774\ub7ec\ud55c \ubb38\uc81c\ub85c \uc778\ud574 \uc774\ub3d9 \ud45c\uc801 \ubc29\uc5b4(MTD)\ub77c\ub294 \uc774\ub984\uc73c\ub85c \uc774\ub7ec\ud55c \uc815\uc801\uc778 \uc2dc\uc2a4\ud15c\uc5d0 \ub300\uc751\ud558\uc5ec \uc120\uc81c\uc801 \ubcf4\uc548 \uc194\ub8e8\uc158\uc774 \uac1c\ubc1c\ub418\uc5c8\ub2e4. MTD\ub294 \uacf5\uaca9 \ud45c\uba74\uc744 \uc774\ub3d9\uc2dc\ud0a4\uac70\ub098 \uc904\uc5ec \uacf5\uaca9\uc790\uac00 \uc27d\uac8c \ud0d0\uc0c9\ud558\uace0 \uacf5\uaca9\uc744 \uc218\ud589\ud558\uae30 \uc5b4\ub835\uac8c \ub9cc\ub4dc\ub294 \ub04a\uc784\uc5c6\uc774 \ubcc0\ud654\ud558\ub294 \uc2dc\uc2a4\ud15c\uc73c\ub85c \uc815\uc758\ud560 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n

\uc18c\ud504\ud2b8\uc6e8\uc5b4 \uc815\uc758 \ub124\ud2b8\uc6cc\ud0b9(SDN)\uc740 ICS \ubcf4\uc548\uc744 \uc704\ud574 \uc720\ub9dd\ud55c \uae30\uc220\ub85c \ubd80\uc0c1\ud558\uace0 \uc788\uc73c\uba70, \ud2b9\ud788 MTD \uae30\uc220\uc744 \uac1c\ubc1c\ud558\uace0 \uc77c\ubc18\uc801\uc778 \uce68\uc785 \ud0d0\uc9c0 \ubc0f \ub300\uc751 \uae30\uc220\uc744 \uac1c\ubc1c\ud558\ub294 \ub370 \ubaa8\ub450 \ud65c\uc6a9\ub418\uace0 \uc788\ub2e4.<\/p>\n\n\n\n

1) \ub370\uc774\ud130 \ud50c\ub808\uc778\uc740 \ud328\ud0b7 \uc804\ub2ec \uacb0\uc815\uc774 \uc2e4\uc81c\ub85c \uad6c\ud604\ub418\uace0 \ud2b8\ub798\ud53d\uc774 \ucc98\ub9ac\ub418\ub294 \uacf3
\u2192<\/em> \ud328\ud0b7 \uc804\uc1a1 \ubc0f \ud3ec\uc6cc\ub529: \uc2a4\uc704\uce58\ub098 \ub77c\uc6b0\ud130 \uc7a5\ube44\ub4e4<\/p>\n\n\n\n

2) \uc81c\uc5b4 \ud50c\ub808\uc778\uc740 SDN \ucee8\ud2b8\ub864\ub7ec\ub97c \ud1b5\ud574 \ub370\uc774\ud130 \ud50c\ub808\uc778\uc5d0 \ub17c\ub9ac\uc801 \uc81c\uc5b4\ub97c \uc81c\uacf5\ud558\ub294 \uc5ed\ud560
– \ub370\uc774\ud130 \ud3c9\uba74\uacfc \uc81c\uc5b4 \ud3c9\uba74 \uac04\uc758 \ud1b5\uc2e0\uc740 \uc0ac\uc6b0\uc2a4\ubc14\uc6b4\ub4dc \uc778\ud130\ud398\uc774\uc2a4(southbound interface)\ub97c \ud1b5\ud574 \uc774\ub8e8\uc5b4\uc9c0\uba70, \uc774 \ub54c \uc8fc\ub85cOpenFlow \ud504\ub85c\ud1a0\ucf5c\uc774 \uc0ac\uc6a9\ub418\uc9c0\ub9cc NETCONF\uc640 \uac19\uc740 \ub2e4\ub978 \ud504\ub85c\ud1a0\ucf5c\ub4e4\ub3c4 \uc874\uc7ac\ud55c\ub2e4.
\u2192<\/em> \ub124\ud2b8\uc6cc\ud06c \uc815\ucc45, \uacbd\ub85c \uacb0\uc815\uc744 \ub2f4\ub2f9: SDN \ucee8\ud2b8\ub864\ub7ec\uac00 \uc774 \ub808\uc774\uc5b4\uc5d0 \uc704\uce58<\/p>\n\n\n\n

southbound interface: \uc81c\uc5b4 \uc2dc\uc2a4\ud15c(\uc0c1\uc704)\uc640 \ud604\uc7a5 \uc7a5\ube44(\ud558\uc704) \uc0ac\uc774\uc758 \ud1b5\uc2e0 \uc778\ud130\ud398\uc774\uc2a4
- south: \uacc4\uce35\uc801 \uad6c\uc870\uc5d0\uc11c \ud558\uc704 \ub808\ubca8\uc744 \ud5a5\ud558\ub294 \uac83\uc744 \uc758\ubbf8
OpenFlow \ud504\ub85c\ud1a0\ucf5c: \ucee8\ud2b8\ub864\ub7ec\uc640 \ub124\ud2b8\uc6cc\ud06c \uc7a5\ube44 \uac04\uc758 \ud1b5\uc2e0 \ub2f4\ub2f9, \ub124\ud2b8\uc6cc\ud06c \uc7a5\ube44\uc758 \ud3ec\uc6cc\ub529 \ud14c\uc774\ube14\uc744 \uc9c1\uc811 \ud504\ub85c\uadf8\ub798\ubc0d
NETCONF(Network Configuration) \ud504\ub85c\ud1a0\ucf5c: \ub124\ud2b8\uc6cc\ud06c \uc7a5\ube44 \uad6c\uc131 \uad00\ub9ac\ub97c \uc704\ud55c \ud504\ub85c\ud1a0\ucf5c, XML \uae30\ubc18 \ub370\uc774\ud130 \uad50\ud658<\/pre>\n\n\n\n
3) \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \ud50c\ub808\uc778\uc740 \uc0ac\uc6a9\uc790\uac00 \uac1c\ubc1c\ud55c \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc774 \ub178\uc2a4\ubc14\uc6b4\ub4dc \uc778\ud130\ud398\uc774\uc2a4(northbound interface)\ub97c \ud1b5\ud574 \ub124\ud2b8\uc6cc\ud06c\uc640 \uc0c1\ud638\uc791\uc6a9\ud558\ub294 \uacc4\uce35
\u2192<\/em> \uc0ac\uc6a9\uc790\/\uac1c\ubc1c\uc790\uac00 \ub9cc\ub4e0 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc774 \uc704\uce58, \ub124\ud2b8\uc6cc\ud06c \ub3d9\uc791\uc744 \uc6d0\ud558\ub294 \ub300\ub85c \uc81c\uc5b4\ud558\uac70\ub098 \ubd84\uc11d: \ubc29\ud654\ubcbd \uc571, \ub85c\ub4dc \ubc38\ub7f0\uc11c \uc571, MTD \ubaa8\ub4c8 \ub4f1<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\uc804\ud1b5 \ub124\ud2b8\uc6cc\ud06c: \uc2a4\uc704\uce58\ub098 \ub77c\uc6b0\ud130 \uac01\uac01\uc774 \uc2a4\uc2a4\ub85c \uc81c\uc5b4\ud558\ub294 \ubd84\uc0b0 \uad6c\uc870
SDN: \uc81c\uc5b4(control)\ub97c \ud558\ub098\ub85c \ubaa8\uc544 \uc911\uc559\uc5d0\uc11c \ud1b5\uc81c(\uc911\uc559 \uc9d1\uc911 \uad6c\uc870)<\/pre>\n\n\n\n
Southbound Interface: Control plane(\ucee8\ud2b8\ub864\ub7ec) \u2194 Data plane(\uc2a4\uc704\uce58) \uc5f0\uacb0 (\uc608: OpenFlow \ud504\ub85c\ud1a0\ucf5c)
Northbound Interface: Application plane(\uc571) \u2194 Control plane(\ucee8\ud2b8\ub864\ub7ec) \uc5f0\uacb0 (\uc608: REST API)<\/pre>\n\n\n\n
\ubcf8 \ub17c\ubb38\uc5d0\uc11c\ub294 SDN\uacfc MTD\uc758 \uac1c\ub150\uc744 \uacb0\ud569\ud558\uc5ec \uc0b0\uc5c5 \uc81c\uc5b4 \ub124\ud2b8\uc6cc\ud06c\uc758 \uc815\ucc30 \uacf5\uaca9\uc744 \uc644\ud654\ud558\ub294 \uc120\uc81c\uc801 \ubc29\uc5b4 \uba54\ucee4\ub2c8\uc998\uc744 \uac1c\ubc1c\ud55c\ub2e4. \ubcf8 \uc5f0\uad6c\uc758 \uc8fc\uc694 \uae30\uc5ec\ub294 \ub2e4\uc74c\uacfc \uac19\uc774 \uc694\uc57d\ud560 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n
    \n
  1. \ub124\ud2b8\uc6cc\ud06c \ud328\ud0b7\uc758 IP \uc8fc\uc18c, MAC \uc8fc\uc18c, \ud3ec\ud2b8 \ubc88\ud638\ub97c \uc2e4\uc2dc\uac04\uc73c\ub85c \ubb34\uc791\uc704\ud654(randomization)\ud558\uc5ec, \uacf5\uaca9\uc790\uac00 \uc815\ucc30 \ub2e8\uacc4\uc5d0\uc11c \uc5bb\ub294 \uc815\ubcf4\ub97c \uc65c\uace1\ud558\uace0, \uc2e4\uc81c \uc815\ubcf4\ub97c \uae30\ubc18\uc73c\ub85c \uc7a5\uce58\uc5d0 \uc9c1\uc811 \uc811\uadfc\ud558\ub294 \uac83\uc744 \ubc29\uc9c0\ud558\ub294 MTD \uba54\ucee4\ub2c8\uc998\uc744 \uc81c\uc548\ud558\uc600\ub2e4. \ubb34\uc791\uc704\ud654 \uc791\uc5c5\uc740 \ub370\uc774\ud130 \ud50c\ub808\uc778(data plane) \uc5d0\uc11c \uc218\ud589\ub418\uba70, \ub124\ud2b8\uc6cc\ud06c \ub0b4 \ucd5c\uc885 \uc7a5\uce58\ub4e4\uc5d0\ub294 \uc644\uc804\ud788 \ud22c\uba85\ud558\uac8c \ucc98\ub9ac\ub41c\ub2e4.<\/li>\n\n\n\n
  2. \ub124\ud2b8\uc6cc\ud06c \uc18d\uc131\uc744 \ubb34\uc791\uc704\ud654\ud558\uace0, \ud5c8\uc6a9\ub41c \ud2b8\ub798\ud53d\ub9cc \ubaa9\uc801\uc9c0\ub85c \uc804\ub2ec\ud560 \uc218 \uc788\ub3c4\ub85d \ud558\ub294 \ud50c\ub85c\uc6b0 \uaddc\uce59(flow rules) \ucd08\uae30\ud654 \ubc29\ubc95\ub860\uc744 \uc81c\uc548\ud558\uc600\ub2e4. \uc774\ub97c \uc704\ud574 \uc0ac\uc6a9\uc790\uac00 \uc815\uc758\ud55c \ud5c8\uc6a9 \ubaa9\ub85d(allowlist) \uc744 \uae30\ubc18\uc73c\ub85c, \ud1b5\uc2e0\uc774 \ud5c8\uac00\ub41c \uc7a5\uce58 \uac04\uc758 \uc5f0\uacb0\ub9cc \ud5c8\uc6a9\ub418\ub3c4\ub85d \uc2a4\uc704\uce58\uc5d0 \ud50c\ub85c\uc6b0 \uaddc\uce59\uc774 \uc124\uce58\ub41c\ub2e4.<\/li>\n\n\n\n
  3. ICS(Industrial Control Systems)\uc758 \uc2e4\uc2dc\uac04\uc131 \uc694\uad6c\uc0ac\ud56d\uc744 \ucda9\uc871\ud558\uace0 \uc9c0\uc5f0(latency)\uc744 \ucd5c\uc18c\ud654\ud558\uae30 \uc704\ud55c \uc801\uc751\ud615(adaptive) \ub124\ud2b8\uc6cc\ud06c \uc18d\uc131 \ubb34\uc791\uc704\ud654 \uc804\ub7b5\uc744 \uc81c\uc548\ud558\uc600\ub2e4. \uc774\ub97c \uc704\ud574 \ubc31\uc5c5 \ud50c\ub85c\uc6b0 \uaddc\uce59(backup flow rules) \uacfc OpenFlow \ud504\ub85c\ud1a0\ucf5c\uc758 \uc6b0\uc120\uc21c\uc704(priority) \ud544\ub4dc\ub97c \ud65c\uc6a9\ud558\ub294 \ubc29\uc2dd\uc744 \uc801\uc6a9\ud558\uc600\ub2e4.<\/li>\n<\/ol>\n\n\n\n
    3. Framework overview<\/h3>\n\n\n\n
    3.1. Architecture<\/h4>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    End devices\/hosts: \uc0b0\uc5c5 \ud658\uacbd\uc5d0\uc11c \uc0ac\uc6a9\ub418\ub294 \ub2e4\uc591\ud55c \uc7a5\uce58\ub4e4\ub85c \uad6c\uc131\ub418\uba70, \ub300\ud45c\uc801\uc73c\ub85c SCADA(Supervisory Control And Data Acquisition) \uc11c\ubc84, PLC(Programmable Logic Controllers), \uc6cc\ud06c\uc2a4\ud14c\uc774\uc158<\/p>\n\n\n\n
    OpenFlow switches: \uc0ac\uc804\uc5d0 \uc815\uc758\ub41c \ud50c\ub85c\uc6b0 \uaddc\uce59(flow rules)\uc5d0 \ub530\ub77c \ud2b8\ub798\ud53d\uc744 \ubaa9\uc801\uc9c0\ub85c \ub77c\uc6b0\ud305\ud558\ub294 \uc5ed\ud560, \uc774 \uc7a5\uce58\ub4e4\uc774 \ub124\ud2b8\uc6cc\ud06c \ud328\ud0b7\uc744 \ucc98\ub9ac\ud558\uba74\uc11c IP \uc8fc\uc18c, MAC \uc8fc\uc18c, \ud3ec\ud2b8 \ubc88\ud638\ub97c \ubb34\uc791\uc704\ud654\ud558\ub294 \uae30\ub2a5\uc744 \uc218\ud589\ud55c\ub2e4.<\/p>\n\n\n\n
    SDN controller: data plane\uacfc application plane \uac04\uc758 \ud1b5\uc2e0\uc744 \ub2f4\ub2f9\ud55c\ub2e4.
    \ucee8\ud2b8\ub864\ub7ec\ub294 MTD \ubaa8\ub4c8\ub85c\ubd80\ud130 \uc694\uccad\uc744 \uc218\uc2e0\ud55c \ub4a4, \uc774\ub97c OpenFlow \ud504\ub85c\ud1a0\ucf5c\uc744 \uc0ac\uc6a9\ud574 \uc2a4\uc704\uce58\ub85c \uc804\ub2ec\ud55c\ub2e4.<\/p>\n\n\n\n
    MTD module: \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \ud50c\ub808\uc778\uc5d0 \ubc30\ud3ec\ub41c \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc73c\ub85c, \uc2e4\uc81c \ub124\ud2b8\uc6cc\ud06c \uc18d\uc131\uacfc \ubb34\uc791\uc704 \ub124\ud2b8\uc6cc\ud06c \uc18d\uc131 \uac04\uc758 \ubcc0\ud658\uc744 \uc218\ud589\ud558\ub294 OpenFlow \uc2a4\uc704\uce58\ub4e4\uc758 \ud50c\ub85c\uc6b0 \uaddc\uce59\uc744 \ucd08\uae30\ud654 \ubc0f \uac31\uc2e0\ud558\ub294 \uc5ed\ud560\uc744 \ud55c\ub2e4.
    SDN \ucee8\ud2b8\ub864\ub7ec\uc758 \ub178\uc2a4\ubc14\uc6b4\ub4dc \uc778\ud130\ud398\uc774\uc2a4(northbound interface)\ub97c \ud1b5\ud574 \uc218\ud589\ub418\uba70, \uc5ec\uae30\uc11c\ub294 REST API\ub97c \uc0ac\uc6a9\ud55c\ub2e4.<\/p>\n\n\n\n
    : MTD \ubaa8\ub4c8: \ubb34\uc791\uc704\ud654 \uc804\ub7b5 \uacb0\uc815 
    \u2192<\/em> SDN \ucee8\ud2b8\ub864\ub7ec: \uc694\uccad\uc744 \ubc1b\uc544 OpenFlow \ud504\ub85c\ud1a0\ucf5c\uc744 \ud1b5\ud574 \uc2a4\uc704\uce58\uc5d0 \ud50c\ub85c\uc6b0 \uaddc\uce59\uc744 \uc124\uce58 
    \u2192<\/em> OpenFlow \uc2a4\uc704\uce58: \ub124\ud2b8\uc6cc\ud06c \ud2b8\ub798\ud53d\uc744 \ubc1b\uc544\uc11c \ud328\ud0b7\uc758 IP, MAC, \ud3ec\ud2b8\ub97c \ubb34\uc791\uc704\ub85c \ubcc0\ud658\ud574 \uc804\ub2ec
    \u2192<\/em> \ucd5c\uc885 \uc7a5\uce58
    OpenFlow, REST API \uc778\ud130\ud398\uc774\uc2a4\ub97c \ud1b5\ud574 \uac01\uac01 \uc5f0\uacb0\ub418\uba70, 
    end devices\ub4e4\uc740 \uc774 \uacfc\uc815\uc744 \uc778\uc2dd\ud558\uc9c0 \ubabb\ud558\uace0 \ud22c\uba85\ud558\uac8c \ud1b5\uc2e0\uc744 \uc774\uc5b4\uac04\ub2e4.<\/pre>\n\n\n\n
    3.2. Network attributes range allocation<\/h4>\n\n\n\n
    \ud638\uc2a4\ud2b8\uc5d0 \ub300\ud55c \ubb34\uc791\uc704 IP \ubc0f MAC \uc8fc\uc18c, TCP\/UDP \ud3ec\ud2b8 \ubc88\ud638\ub97c \uc0dd\uc131\ud558\uace0 \ud560\ub2f9\ud560 \ub54c\ub294 \ud560\ub2f9 \uc911 \ucda9\ub3cc\uc744 \ud53c\ud558\uace0 \uc0b0\uc5c5 \ub124\ud2b8\uc6cc\ud06c\uc758 \uc608\uce21 \ubd88\uac00\ub2a5\uc131\uc744 \uadf9\ub300\ud654\ud558\uae30 \uc704\ud574 \ub2e4\uc74c\uacfc \uac19\uc740 \uc81c\uc57d \uc870\uac74\uc744 \uc900\uc218\ud574\uc57c \ud55c\ub2e4.<\/p>\n\n\n\n
      \n
    • \uc81c\uc57d \uc870\uac741: \ub3d9\uc77c\ud55c \ub79c\ub364 IP \ubc0f MAC \uc8fc\uc18c\ub294 \ub3d9\uc77c\ud55c MTD \uc8fc\uae30(MTD interval) \ub0b4\uc5d0\uc11c \ub458 \uc774\uc0c1\uc758 \ud638\uc2a4\ud2b8\uc5d0 \ud560\ub2f9\ub418\uc5b4\uc11c\ub294 \uc548 \ub41c\ub2e4.<\/li>\n\n\n\n
    • \uc81c\uc57d \uc870\uac742: \ud558\ub098\uc758 \ub79c\ub364 \ud3ec\ud2b8 \ubc88\ud638\ub294 \ub3d9\uc77c\ud55c MTD \uc8fc\uae30 \ub0b4\uc5d0\uc11c \ud558\ub098\uc758 \ud638\uc2a4\ud2b8 \ub0b4 \ub458 \uc774\uc0c1\uc758 TCP \ub610\ub294 UDP \uc11c\ube44\uc2a4\uc5d0 \ub3d9\uc2dc\uc5d0 \ud560\ub2f9\ub418\uc5b4\uc11c\ub294 \uc548 \ub41c\ub2e4.<\/li>\n\n\n\n
    • \uc81c\uc57d \uc870\uac743: \ub3d9\uc77c\ud55c \ub79c\ub364 IP \uc8fc\uc18c, MAC \uc8fc\uc18c, \ub610\ub294 \ud3ec\ud2b8 \ubc88\ud638\ub294 \uc5f0\uc18d\ub41c N\uac1c\uc758 MTD \uc8fc\uae30 \ub3d9\uc548 \ud558\ub098\uc758 \ud638\uc2a4\ud2b8\uc5d0 \uc911\ubcf5 \ud560\ub2f9\ub418\uc5b4\uc11c\ub294 \uc548 \ub41c\ub2e4. \uc774\ub294 \ucd5c\uadfc N\uac1c\uc758 \uc8fc\uae30 \ub3d9\uc548 \ud560\ub2f9\ub41c \ubb34\uc791\uc704 \uc18d\uc131\uc744 \ucd94\uc801\ud558\uc5ec \uad00\ub9ac\ud568\uc73c\ub85c\uc368 \ub2ec\uc131\ub41c\ub2e4.<\/li>\n<\/ul>\n\n\n\n
      Random IP address generation<\/h5>\n\n\n\n
      \ubb34\uc791\uc704 IP \uc8fc\uc18c\ub294 \uc0b0\uc5c5 \ub124\ud2b8\uc6cc\ud06c\uc5d0\uc11c \uc0ac\uc6a9 \uac00\ub2a5\ud55c \uc8fc\uc18c \uacf5\uac04\uc744 \uace0\ub824\ud558\uc5ec \uc0dd\uc131\ub41c\ub2e4. \uac01 \uc8fc\uae30\uac00 \ubcc0\uacbd\ub420 \ub54c\ub9c8\ub2e4, \uc7a5\uce58\uc5d0 \ud560\ub2f9\ub41c \uc774\uc804 IP \uc8fc\uc18c\uc5d0 \ub300\ud55c \uc774\ub825 \uae30\ub85d\uc774 \uc720\uc9c0\ub41c\ub2e4. \uc774\ub97c \ud1b5\ud574 \ub3d9\uc77c\ud55c IP \uc8fc\uc18c\uac00 \uc5ec\ub7ec \uc5f0\uc18d\ub41c \uc8fc\uae30\uc5d0 \uac78\uccd0 \ub3d9\uc77c\ud55c \uc7a5\uce58\uc5d0 \ubc18\ubcf5\uc801\uc73c\ub85c \ud560\ub2f9\ub418\ub294 \uac83\uc744 \ubc29\uc9c0\ud55c\ub2e4.<\/p>\n\n\n\n
      Random MAC address generation<\/h5>\n\n\n\n
      \uac01 \ubb34\uc791\uc704 IP \uc8fc\uc18c\uc5d0 \ub300\ud574 \ud558\ub098\uc758 \ubb34\uc791\uc704 MAC \uc8fc\uc18c\uac00 \uc0dd\uc131\ub41c\ub2e4.
      MAC \uc8fc\uc18c \uc0dd\uc131 \uc2dc RFC 7042\ub97c \ucc38\uace0\ud558\uc5ec, IPv4\/IPv6 multicast \uc8fc\uc18c, PPP(Point to Point Protocol) \uc8fc\uc18c, IPv4\/IPv6 VRRP(Virtual Router Redundancy Protocol) \uc8fc\uc18c \ub4f1 \ud2b9\uc815 \uc6a9\ub3c4\ub85c \uc608\uc57d\ub41c \uc8fc\uc18c\uc758 \uc0dd\uc131\uc744 \ud53c\ud558\ub3c4\ub85d \ud588\ub2e4.
      \ub610\ud55c, \ubcf4\ub2e4 \ud604\uc2e4\uc801\uc778 MAC \uc8fc\uc18c\ub97c \uc0dd\uc131\ud558\uae30 \uc704\ud574, \uc0b0\uc5c5\uc6a9 \uc7a5\ube44 \uc81c\uc870\uc5c5\uccb4\ub4e4\uc774 \uc2e4\uc81c MAC \uc8fc\uc18c \ud504\ub9ac\ud53d\uc2a4(prefix)\ub97c \uc0ac\uc6a9\ud588\ub2e4.<\/p>\n\n\n\n
      Random port generation<\/h5>\n\n\n\n
      \ubb34\uc791\uc704 \ud3ec\ud2b8 \ubc88\ud638\ub294 \uc804\uccb4 \uac00\uc6a9 \ud3ec\ud2b8 \ubc94\uc704 (0, 65535]\ub97c \ub300\uc0c1\uc73c\ub85c \uc0dd\uc131\ub41c\ub2e4.<\/p>\n\n\n\n
      3.2.1. Limitations from an external observer perspective<\/h5>\n\n\n\n
      IP \uc8fc\uc18c \ubb34\uc791\uc704\ud654: \ucd5c\uc885 \uc7a5\uce58\uac00 \uc778\ud130\ub137\uc5d0 \uace0\uc720\ud55c \uacf5\uc778 IP \uc8fc\uc18c\ub97c \uac00\uc9c0\uac70\ub098, \uc0ac\uc6a9 \uac00\ub2a5\ud55c \ub2e4\uc218\uc758 \uacf5\uc778 IP \uc8fc\uc18c\uac00 \uc874\uc7ac\ud560 \uacbd\uc6b0\uc5d0\ub294 IP \uc8fc\uc18c \ubb34\uc791\uc704\ud654\uac00 \uac00\ub2a5\ud558\ub2e4.
      \uadf8\ub7ec\ub098 \uc0b0\uc5c5\uc6a9 \uc7a5\uce58\uac00 NAT(\ub2e8\uc77c \uacf5\uc6a9 IP)\ub97c \ud1b5\ud574 \ud558\ub098\uc758 \uacf5\uc778 IP \uc8fc\uc18c\ub9cc\uc744 \uc0ac\uc6a9\ud558\uc5ec \uc778\ud130\ub137\uc5d0 \ub178\ucd9c\ub418\ub294 \uacbd\uc6b0, \uacf5\uc778 IP \uc8fc\uc18c\uc758 \ud55c\uc815\ub41c \uc218\ub7c9\uc73c\ub85c \uc778\ud574 \uc678\ubd80 \uad00\ucc30\uc790 \uad00\uc810\uc5d0\uc11c IP \uc8fc\uc18c \ubb34\uc791\uc704\ud654\ub97c \uad6c\ud604\ud558\ub294 \uac83\uc740 \ubd88\uac00\ud558\ub2e4.<\/p>\n\n\n\n
      MAC \uc8fc\uc18c \ubb34\uc791\uc704\ud654: \ub124\ud2b8\uc6cc\ud06c \uac04 \uacf5\uc720\ub418\uc9c0 \uc54a\uae30 \ub54c\ubb38\uc5d0 \uc678\ubd80 \uad00\ucc30\uc790 \uad00\uc810\uc5d0\uc11c \ud6a8\uacfc\uc801\uc774\uc9c0 \uc54a\ub2e4. \ub3d9\uc77c \ub124\ud2b8\uc6cc\ud06c \ub0b4\uc5d0\uc11c \ucd5c\uc885 \uc7a5\uce58\uc758 \ubb3c\ub9ac\uc801 \uc8fc\uc18c\ub97c \ud30c\uc545\ud558\ub824\ub294 \uacf5\uaca9\uc790\uc5d0 \ub300\ud574\uc11c\ub294 \uc720\uc6a9\ud558\uc9c0\ub9cc, \uc678\ubd80 \uad00\ucc30\uc790\uc5d0\uac8c\ub294 \ud070 \ud6a8\uacfc\uac00 \uc5c6\ub2e4.<\/p>\n\n\n\n
      \ud3ec\ud2b8 \ubc88\ud638 \ubb34\uc791\uc704\ud654: \uc678\ubd80 \uad00\ucc30\uc790 \uad00\uc810\uc5d0\uc11c \uac00\uc7a5 \ube44\uc6a9 \ud6a8\uc728\uc801\uc778 \ubb34\uc791\uc704\ud654 \uae30\ubc95\uc774 \ub420 \uc218 \uc788\ub2e4.
      \uacf5\uc778 IP \uc8fc\uc18c\ub294 \uc77c\ubc18\uc801\uc73c\ub85c ISP\uc5d0 \uc758\ud574 \ud560\ub2f9\ub418\uace0 \uc0ac\uc6a9 \uac00\ub2a5\ud55c \uc218\uac00 \uc81c\ud55c\uc801\uc774\uc9c0\ub9cc, TCP\/UDP \ud3ec\ud2b8\ub294 \uc0ac\uc6a9\uc790\uac00 \uc804\uccb4 \uac00\uc6a9 \ubc94\uc704\ub97c \uc790\uc720\ub86d\uac8c \uc0ac\uc6a9\ud560 \uc218 \uc788\uc73c\ubbc0\ub85c, \ud3ec\ud2b8 \ubb34\uc791\uc704\ud654\ub97c \ud1b5\ud574 \ub2e4\uc591\ud55c \uc11c\ube44\uc2a4\ub97c \ub178\ucd9c\ud558\uac70\ub098 \uc228\uae38 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n
      3.3. Real-time network attributes randomization<\/h4>\n\n\n\n
      \ucd08\uae30\ud654 \ub2e8\uacc4\uc5d0\uc11c\ub294, \uc2a4\uc704\uce58\uc5d0 \uc124\uce58\ub418\ub294 \ucd08\uae30 \ud50c\ub85c\uc6b0 \uaddc\uce59\uc774 \uc0ac\uc6a9\uc790 \uc815\uc758 \ud5c8\uc6a9 \ubaa9\ub85d(allowlist)\uc5d0 \uae30\ubc18\ud558\uc5ec \uc124\uc815\ub41c\ub2e4.
      \uc0b0\uc5c5 \ub124\ud2b8\uc6cc\ud06c\uc758 \uc815\uc801\uc778 \ud2b9\uc131\uacfc \uc81c\uc5b4 \ud2b8\ub798\ud53d \ud1b5\uc2e0\uc758 \ubc18\ubcf5\uc801\uc774\uace0 \uc608\uce21 \uac00\ub2a5\ud55c \ud2b9\uc131\uc744 \ud65c\uc6a9\ud558\uc5ec, \uc774 \ud5c8\uc6a9 \ubaa9\ub85d\uc740 \ub124\ud2b8\uc6cc\ud06c \uc7a5\uce58 \uac04 \ud5c8\uac00\ub41c \ud1b5\uc2e0 \ubc0f \ud504\ub85c\ud1a0\ucf5c\uc744 \uc218\uc9d1\ud55c\ub2e4.<\/p>\n\n\n\n
        \n
      • \ud5c8\uac00\ub41c \ud1b5\uc2e0\uc778 \uacbd\uc6b0, \uc7a5\uce58\ub4e4\uc740 \uc2e4\uc81c IP \uc8fc\uc18c, MAC \uc8fc\uc18c, \ud3ec\ud2b8 \ubc88\ud638\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc11c\ub85c \ud1b5\uc2e0\ud560 \uc218 \uc788\ub2e4.<\/li>\n\n\n\n
      • \ubc18\ub300\ub85c \ud5c8\uac00\ub418\uc9c0 \uc54a\uc740 \ud1b5\uc2e0\uc778 \uacbd\uc6b0, \uc7a5\uce58\ub294 \uc0c1\ub300 \uc7a5\uce58\uc5d0 \ud560\ub2f9\ub41c \ubb34\uc791\uc704 IP, MAC, \ud3ec\ud2b8\ub97c \uc0ac\uc6a9\ud574\uc11c\ub9cc \ud1b5\uc2e0\ud560 \uc218 \uc788\ub2e4.<\/li>\n<\/ul>\n\n\n\n
        \ub79c\ub364 \uc18d\uc131 \ud560\ub2f9 \uc808\ucc28<\/h5>\n\n\n\n
        \uccab \ubc88\uc9f8 \ub2e8\uacc4\ub294 \ub124\ud2b8\uc6cc\ud06c\uc5d0 \uc788\ub294 \uac01 \uc7a5\uce58\uc5d0 \ub300\ud574 \ubb34\uc791\uc704 IP\/MAC \uc8fc\uc18c\ub97c \uc0dd\uc131 \ubc0f \ud560\ub2f9\ud558\uace0, \uac01 \uc7a5\uce58\uc758 \ud65c\uc131 \uc11c\ube44\uc2a4\ub9c8\ub2e4 \ubb34\uc791\uc704 \ud3ec\ud2b8 \ubc88\ud638\ub97c \ud560\ub2f9\ud558\ub294 \uac83\uc774\ub2e4.
        \uc774\ub807\uac8c \ubb34\uc791\uc704\ub85c \ud560\ub2f9\ub41c IP \uc8fc\uc18c, MAC \uc8fc\uc18c, \uc11c\ube44\uc2a4 \ud3ec\ud2b8(TCP\/UDP)\ub294 \ud558\ub098\uc758 MTD \uc8fc\uae30 \ub3d9\uc548\ub9cc \uc720\ud6a8\ud558\uba70, \uc774\ud6c4 \ub2e4\uc74c \uc8fc\uae30\uc5d0\uc11c\ub294 \uc0c8\ub85c\uc6b4 \ubb34\uc791\uc704 \uac12\uc73c\ub85c \ub300\uccb4\ub41c\ub2e4.
        MTD \uc8fc\uae30\uc758 \uae38\uc774\ub294 \uc0ac\uc6a9\uc790\uac00 \uc815\uc758\ud558\uba70, \uc0ac\uc6a9 \uc0ac\ub840\ubcc4\ub85c \uc870\uc815\ub418\uc5b4\uc57c \ud55c\ub2e4.
        \ub79c\ub364 IP, MAC, \ud3ec\ud2b8\ub97c \uc0dd\uc131 \ubc0f \ud560\ub2f9\ud558\ub294 \uacfc\uc815\uc5d0\uc11c, \uc2dc\uc2a4\ud15c\uc740 \uc911\ubcf5 \uac12\uc774 \ubc1c\uc0dd\ud558\uc9c0 \uc54a\ub3c4\ub85d \ucda9\ub3cc \uc5ec\ubd80\ub97c \uac80\uc99d\ud558\uc5ec \uc6b4\uc601 \uc624\ub958\ub97c \ubc29\uc9c0\ud55c\ub2e4.
        \ucd5c\uc885 \uc7a5\uce58(end devices)\uc758 \ub124\ud2b8\uc6cc\ud06c \uc124\uc815\uc740 \ubcc0\uacbd\ub418\uc9c0 \uc54a\uace0, \ubc88\uc5ed \uc791\uc5c5\uc740 \ubaa8\ub450 OpenFlow \uc2a4\uc704\uce58 \uc0c1\uc5d0\uc11c \uc218\ud589\ub418\uba70, \ucd5c\uc885 \uc7a5\uce58\uc5d0\ub294 \uc644\uc804\ud788 \ud22c\uba85\ud558\uac8c \ub3d9\uc791\ud55c\ub2e4.<\/p>\n\n\n\n
        \ud50c\ub85c\uc6b0 \uaddc\uce59 \uc124\uce58 \ubc0f \ud328\ud0b7 \ucc98\ub9ac \ubc29\uc2dd<\/h5>\n\n\n\n
        \ub79c\ub364 \ub124\ud2b8\uc6cc\ud06c \uc18d\uc131\uc774 \uac01 \uc7a5\uce58\uc5d0 \ud560\ub2f9\ub418\uba74, OpenFlow \uc2a4\uc704\uce58\uc5d0\ub294 \ub2e4\uc74c\uacfc \uac19\uc740 \ud50c\ub85c\uc6b0 \uaddc\uce59\uc774 \uc124\uce58\ub41c\ub2e4: <\/p>\n\n\n\n
          \n
        • \ud5c8\uac00\ub41c \uc7a5\uce58\uac04 \ud1b5\uc2e0\uc740 \uc2e4\uc81c IP, MAC, \ud3ec\ud2b8\ub97c \uc0ac\uc6a9\ud558\uc5ec \ud1b5\uc2e0\ud560 \uc218 \uc788\ub3c4\ub85d \uc124\uc815\ub41c\ub2e4.<\/li>\n\n\n\n
        • \ud328\ud0b7\uc758 \ub124\ud2b8\uc6cc\ud06c \uc18d\uc131(IP, MAC, \ud3ec\ud2b8)\uc744 \ubcc0\uacbd\ud558\ub294 \ubc29\ubc95\uc5d0\ub294 \ub450 \uac00\uc9c0 \uc811\uadfc\ubc95\uc774 \uc788\ub2e4: 
          (1) \ubaa8\ub4e0 \ud328\ud0b7\uc744 SDN \ucee8\ud2b8\ub864\ub7ec\ub85c \uc804\uc1a1\ud558\uc5ec \uc911\uc559\uc5d0\uc11c \ucc98\ub9ac
          (2) OpenFlow \uc2a4\uc704\uce58\uc5d0\uc11c \uc9c1\uc811 \ud328\ud0b7 \ucc98\ub9ac<\/li>\n<\/ul>\n\n\n\n
          \uc774 \uc5f0\uad6c\uc5d0\uc11c\ub294 \ud1b5\uc2e0 \uc9c0\uc5f0(latency)\uc744 \ucd5c\uc18c\ud654\ud558\uae30 \uc704\ud574, OpenFlow \uc2a4\uc704\uce58\uc5d0\uc11c \uc9c1\uc811 \ud328\ud0b7\uc744 \ubcc0\ud658\ud558\ub294 \ubc29\uc2dd\uc744 \ucc44\ud0dd\ud558\uc600\ub2e4. \uc774\ub97c \ud1b5\ud574, \uac01 \ud328\ud0b7\uc774 SDN \ucee8\ud2b8\ub864\ub7ec\ub85c \uc804\uc1a1\ub418\ub294 \uacfc\uc815\uc744 \ud53c\ud558\uace0 \ud1b5\uc2e0 \uc18d\ub3c4\ub97c \ub192\uc778\ub2e4.<\/p>\n\n\n\n
          \ud504\ub85c\ud1a0\ucf5c\ubcc4 \ud50c\ub85c\uc6b0 \uaddc\uce59 \uc801\uc6a9<\/h5>\n\n\n\n
          \ud328\ud0b7 \ucc98\ub9ac \ud750\ub984 (\ud5c8\uac00\ub41c \ud1b5\uc2e0)<\/h5>\n\n\n\n
          \ud50c\ub85c\uc6b0 \uaddc\uce59 \uc124\uce58\uac00 \uc644\ub8cc\ub418\uba74, \uc18c\uc2a4 \uc7a5\uce58\uc5d0\uc11c \ubaa9\uc801\uc9c0 \uc7a5\uce58\ub85c \uac00\ub294 \uac01 \ud328\ud0b7\uc740 Algorithm 1\uc5d0 \ub530\ub77c \ucc98\ub9ac\ub41c\ub2e4.<\/p>\n\n\n\n
          \ub450 end devices \\(h_1\\)\uc640 \\(h_2\\) \uc0ac\uc774\uc758 \uc778\uc99d\ub41c \ud1b5\uc2e0\uc5d0\uc11c<\/p>\n\n\n\n
          \ud5c8\uac00\ub41c \ud1b5\uc2e0\uc758 \uacbd\uc6b0,<\/strong>
          \uc18c\uc2a4 OpenFlow \uc2a4\uc704\uce58(\uc18c\uc2a4 \uc7a5\uce58\uac00 \uc5f0\uacb0\ub41c \uc2a4\uc704\uce58)\uc5d0 \ud328\ud0b7\uc774 \ub3c4\ucc29\ud558\uba74, (\uc2a4\uc704\uce58\uac00 \\(h_1\\)
          \uc2e4\uc81c \uc18c\uc2a4\/\ubaa9\uc801\uc9c0 IP (rIP), MAC (rMAC) \uc8fc\uc18c\uac00 \ubb34\uc791\uc704 IP (vIP), MAC (vMAC)\uc73c\ub85c \ubcc0\ud658\ub41c\ub2e4.<\/p>\n\n\n\n
          \ud3ec\ud2b8 \ubcc0\ud658\uc758 \uacbd\uc6b0,
          \uc18c\uc2a4 \uc7a5\uce58\uac00 \ubaa9\uc801\uc9c0 \uc7a5\uce58\uc758 \uc11c\ube44\uc2a4\ub97c \uc694\uccad\ud558\ub294 \uacbd\uc6b0 \u2192 \ubaa9\uc801\uc9c0 \ud3ec\ud2b8\ub9cc \ubcc0\uacbd
          \uc18c\uc2a4 \uc7a5\uce58\uac00 \uc751\ub2f5\ud558\ub294 \uacbd\uc6b0 \u2192 \uc18c\uc2a4 \ud3ec\ud2b8\ub9cc \ubcc0\uacbd<\/p>\n\n\n\n
          \ubcc0\ud658\uc774 \uc644\ub8cc\ub418\uba74, \ud2b8\ub798\ud53d\uc740 \ubaa9\uc801\uc9c0 \uc2a4\uc704\uce58\uae4c\uc9c0 \uc804\ub2ec\ub41c\ub2e4.
          \ucd5c\uc885\uc801\uc73c\ub85c \ubaa9\uc801\uc9c0 OpenFlow \uc2a4\uc704\uce58\uc5d0\ub294 \ubb34\uc791\uc704 IP, MAC, \ud3ec\ud2b8\ub97c \ub2e4\uc2dc \uc2e4\uc81c \uac12\uc73c\ub85c \ubcc0\ud658\ud558\uc5ec, \uc591\ubc29\ud5a5 \ud1b5\uc2e0\uc774 \uc790\uc5f0\uc2a4\ub7fd\uac8c \uc774\uc5b4\uc9c0\ub3c4\ub85d \ubcf4\uc7a5\ud55c\ub2e4.<\/p>\n\n\n\n
          \ud5c8\uac00\ub418\uc9c0 \uc54a\uc740 \ud1b5\uc2e0\uc758 \uacbd\uc6b0,<\/strong>
          \uc18c\uc2a4 \uc7a5\uce58\ub294 \ubaa9\uc801\uc9c0 \uc7a5\uce58\uc5d0 \ud560\ub2f9\ub41c \ubb34\uc791\uc704 IP, MAC, \ud3ec\ud2b8\ub97c \uc815\ud655\ud788 \uc0ac\uc6a9\ud574\uc57c\ub9cc \ud1b5\uc2e0\ud560 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n
          \uc18c\uc2a4 \uc7a5\uce58\uac00 \ubcf4\ub0b8 \ud328\ud0b7\uc758 IP, MAC, \ud3ec\ud2b8\uac00 \ud604\uc7ac \uc8fc\uae30\uc5d0\uc11c \ubaa9\uc801\uc9c0\uc5d0 \ud560\ub2f9\ub41c \ubb34\uc791\uc704 \uac12\uacfc \uc77c\uce58\ud558\uc9c0 \uc54a\uc73c\uba74, 
          \u2192 \uc18c\uc2a4 \uc2a4\uc704\uce58\uc5d0\uc11c \ud574\ub2f9 \ud328\ud0b7\uc744 \ud3d0\uae30(dropped) \ud55c\ub2e4.<\/p>\n\n\n\n
          \ub9cc\uc57d \uc77c\uce58\ud55c\ub2e4\uba74, 
          \u2192 \ud2b8\ub798\ud53d\uc740 \uc18c\uc2a4 \uc7a5\uce58\uc758 IP, MAC, \ud3ec\ud2b8\ub97c \ubb34\uc791\uc704\ud654\ud55c \ub4a4 \ubaa9\uc801\uc9c0\ub85c \uc804\ub2ec\ub418\uba70, \ucd5c\uc885\uc801\uc73c\ub85c \ubaa9\uc801\uc9c0 \uc2a4\uc704\uce58\uc5d0\uc11c \uc6d0\ub798(real) \uac12\uc73c\ub85c \ubcf5\uc6d0\ub41c\ub2e4.<\/p>\n\n\n\n
          \"\"<\/figure>\n\n\n\n
          \ubc31\uc5c5 \uaddc\uce59: \uac00\uc7a5 \ub192\uc740 \uc6b0\uc120\uc21c\uc704\ub97c \uac00\uc9c4 \ud750\ub984 \uaddc\uce59\uc744 \uc0ac\uc6a9 – \uc9c0\uc5f0\uc774\ub098 \ud328\ud0b7 \uc190\uc2e4 \uc5c6\uc774 \uad6c\uac04 \uac04 \uc801\uc751\uc801 \uc804\ud658 \uac00\ub2a5<\/p>\n\n\n\n
          \"\"<\/figure>\n\n\n\n
          4. Experimental setup<\/h3>\n\n\n\n
          4.1. Experimental topology<\/h4>\n\n\n\n
          \uc11c\ub85c \ub2e4\ub978 \uacf5\uae09\uc5c5\uccb4\uc758 \ub450 \uac1c\uc758 \ub3c5\ub9bd\uc801\uc778 \uc0dd\uc0b0 \ub77c\uc778\uacfc \ucd5c\uc885 \uc7a5\uce58\ub85c \uad6c\ud604\ub41c\ub2e4.<\/p>\n\n\n\n
          \"\"<\/figure>\n\n\n\n
          \ub124\ud2b8\uc6cc\ud06c \uc804\ub2ec \uacb0\uc815\uc740 Ryu SDN \ucee8\ud2b8\ub864\ub7ec\uc640 \ub124\ud2b8\uc6cc\ud06c\uc758 \uc5ec\ub7ec \uc7a5\uce58\ub97c \uc5f0\uacb0\ud558\ub294 3\uac1c\uc758 OpenVSwitch \uc2a4\uc704\uce58\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc911\uc559 \uc9d1\uc911\uc2dd\uc73c\ub85c \uc774\ub8e8\uc5b4\uc9c4\ub2e4.
          IP, MAC, \ud3ec\ud2b8 \ubb34\uc791\uc704\ud654\ub97c \uc218\ud589\ud558\ub294 \ud50c\ub85c\uc6b0 \uaddc\uce59\uc744 \uad00\ub9ac\ud558\ub294 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc740, Northbound interface\uc778 REST API\ub97c \ud1b5\ud574 SDN \ucee8\ud2b8\ub864\ub7ec\uc640 \uc0c1\ud638\uc791\uc6a9\ud55c\ub2e4. SDN \ucee8\ud2b8\ub864\ub7ec\ub294 \uc774 \uc694\uccad\ub4e4\uc744 OpenFlow \ud504\ub85c\ud1a0\ucf5c\uc744 \uc0ac\uc6a9\ud558\uc5ec \uc2a4\uc704\uce58\ub85c \uc804\ub2ec\ud558\uba70, \ud3ec\uc6cc\ub529 \uc7a5\uce58(\uc2a4\uc704\uce58)\ub294 \ud328\ud0b7\uc744 \uc2a4\uc704\uce58 \uc0c1\uc5d0\uc11c \uc9c1\uc811 \ucc98\ub9ac\ud55c\ub2e4.<\/p>\n\n\n\n
          4.2. Threat model<\/h4>\n\n\n\n
          SDN \ucee8\ud2b8\ub864\ub7ec\uc640 Northbound interface\ub97c \ud1b5\ud574 \ucee8\ud2b8\ub864\ub7ec\uc640 \uc0c1\ud638\uc791\uc6a9\ud558\ub294 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\ub4e4\uc740 \uc2e0\ub8b0\ud560 \uc218 \uc788\ub2e4(trusted)\uace0 \uac00\uc815\ud558\uba70, \uacf5\uaca9\uc790\ub294 \ub0b4\ubd80 \ub124\ud2b8\uc6cc\ud06c\uc5d0 \uc874\uc7ac\ud558\ub294 \uac83\uc73c\ub85c \uac00\uc815\ud55c\ub2e4.<\/p>\n\n\n\n
          \ubcf8 \uc5f0\uad6c\uc5d0\uc11c \uc81c\uc548\ud558\ub294 \uc120\uc81c\uc801 \ubc29\uc5b4 \uc2dc\uc2a4\ud15c(proactive defense system)\uc758 \uc644\uc804\ud55c \uac00\ub2a5\uc131\uc744 \uc2dc\ud5d8\ud558\uace0 \uc7a0\uc7ac\uc801 \uacf5\uaca9\uc744 \uc2dc\ubbac\ub808\uc774\uc158\ud558\uae30 \uc704\ud574, \ud14c\uc2a4\ud2b8\ubca0\ub4dc \ub0b4 \ub450 OpenFlow \uc2a4\uc704\uce58 \uc0ac\uc774\uc758 \ub9c1\ud06c\uc5d0 \uc911\uac04\uc790 \uacf5\uaca9(Man-in-the-Middle, MITM)\uc744 \uc218\ud589\ud558\ub294 \ucef4\ud4e8\ud130\ub97c \ubc30\uce58\ud558\uc600\ub2e4. \uacf5\uaca9\uc790\ub294 \uc774 \uc190\uc0c1\ub41c \ub9c1\ud06c\ub97c \ud1b5\ud574 \ub124\ud2b8\uc6cc\ud06c \ud328\ud0b7\uc744 \uc218\uc9d1\ud558\uace0 \uc0bd\uc785(inject)\ud560 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n
          \ub9cc\uc57d \ucd5c\uc885 \uc7a5\uce58(end device) \uc911 \ud558\ub098\uac00 \uc190\uc0c1\ub418\uc5b4 \uadf8 \uc7a5\uce58\uc5d0\uc11c \uc815\ucc30 \uacf5\uaca9\uc774 \uc218\ud589\ub41c\ub2e4\uba74, 
          \uacf5\uaca9\uc790\ub294 \ucd5c\uc885 \uc7a5\uce58 \ubc0f \ud504\ub85c\ud1a0\ucf5c\uc5d0 \ub300\ud574 <\/p>\n\n\n\n