Date of Award
Master of Science
Department of Electrical and Computer Engineering
Barry E. Mullins, PhD.
This thesis explores the viability of using Internet Protocol (IP) address hopping in front of a network as a defensive measure. This research presents a custom gateway-based IP hopping solution called Address Routing Gateway (ARG) that acts as a transparent IP address hopping gateway. This thesis tests the overall stability of ARG, the accuracy of its classifications, the maximum throughput it can support, and the maximum rate at which it can change IPs and still communicate reliably. This research is accomplished on a physical test network with nodes representing the types of hosts found on a typical, corporate-style network. Direct measurement is used to obtain all results for each factor level. Tests demonstrate ARG classifies traffic correctly, with no false negatives and less than a 0.15% false positive rate on average. The test environment conservatively shows this to be true as long as the IP address change interval exceeds two times the network's round-trip latency; real-world deployments may allow for more frequent hopping. Results show ARG capably handles traffic of at least four megabits per second with no impact on packet loss. Fuzz testing validates the stability of ARG itself, although additional packet loss of around 23% appears when under attack.
DTIC Accession Number
Morehart, Ryan A ., "Evaluating the Effectiveness of IP Hopping via an Address Routing Gateway" (2013). Theses and Dissertations. 889.