Anonymous communications in software-defined networks via route hopping and IP address randomization

摘要

A system and method that rely on a centralized and trusted control mechanism for a software-defined network (SDN) to dynamically assign routes between two end points, and to simultaneously change their real IP addresses to fake IP addresses to establish short-lived obfuscated communications paths with a goal of preserving anonymity. The SDN controller determines the short-lived routes from a feasible route-set and new fake IP addresses from a reserved address pool for the source and destination hosts. It provisions only the switches along the route with rules so that a switch can forward packets of the data flow to another switch without needing to know the actual IP addresses of the communicating endpoints, and hence, providing strict anonymity even when the switches are compromised.