Abstract: Systems and methods are provided to implement a moving target defense for a server computer. The server computer can be provided both a permanent IP address and a temporary IP address. The temporary IP address can be used when communicating with client computers connected to the server computer. The temporary IP address can be dynamically changed at a predetermined interval that can be varied based on conditions at the server computer. An intrusion detection system can be used with the moving target defense systems and methods to identify attacks on the server computer based on the temporary IP address(es) provided by the server computer. When an attack is identified, the corresponding client computer is determined based on the temporary IP address and the client computer is placed on a blacklist that is not provided with new temporary IP addresses when the server computer changes temporary IP address.

Abstract: Systems and methods are provided to implement a moving target defense for a server computer. The server computer can be provided both a permanent IP address and a temporary IP address. The temporary IP address can be used when communicating with client computers connected to the server computer. The temporary IP address can be dynamically changed at a predetermined interval that can be varied based on conditions at the server computer. An intrusion detection system can be used with the moving target defense systems and methods to identify attacks on the server computer based on the temporary IP address(es) provided by the server computer. When an attack is identified, the corresponding client computer is determined based on the temporary IP address and the client computer is placed on a blacklist that is not provided with new temporary IP addresses when the server computer changes temporary IP address.

Abstract: Systems and methods are provided to implement moving target defense techniques for transportation systems. The moving target defense techniques can randomly change the IP addresses of the nodes associated with both the vehicles and the corresponding control centers. The nodes for the vehicles and the control centers can be “mobile” nodes that use a “care-of” IP address for communications. The care-of address used by the nodes can be updated through a binding update process. During the binding update process, the one node sends the binding update notice (with a new care-of address) to the care-of address of the other node while maintaining its prior care-of address. The node that receives the binding update notice can send a binding acknowledgement back to the node that sent the binding update. Once the binding acknowledgement is received, the prior care-of address can be removed by the node that sent the binding update.

Abstract: Systems and methods are provided to implement a moving target defense for a server computer. The server computer can be provided both a permanent IP address and a temporary IP address. The temporary IP address can be used when communicating with client computers connected to the server computer. The temporary IP address can be dynamically changed at a predetermined interval that can be varied based on conditions at the server computer. An intrusion detection system can be used with the moving target defense systems and methods to identify attacks on the server computer based on the temporary IP address(es) provided by the server computer. When an attack is identified, the corresponding client computer is determined based on the temporary IP address and the client computer is placed on a blacklist that is not provided with new temporary IP addresses when the server computer changes temporary IP address.

Abstract: Systems and methods are provided to implement moving target defense techniques for transportation systems. The moving target defense techniques can randomly change the IP addresses of the nodes associated with both the vehicles and the corresponding control centers. The nodes for the vehicles and the control centers can be “mobile” nodes that use a “care-of” IP address for communications. The care-of address used by the nodes can be updated through a binding update process. During the binding update process, the one node sends the binding update notice (with a new care-of address) to the care-of address of the other node while maintaining its prior care-of address. The node that receives the binding update notice can send a binding acknowledgement back to the node that sent the binding update. Once the binding acknowledgement is received, the prior care-of address can be removed by the node that sent the binding update.

Abstract: Systems and methods are provided to implement an anti-censorship framework that includes moving target defense systems and methods. The framework can be implemented at a web server hosting content that is intended to be accessed by one or more users. The web server can utilize dynamically changing IP addresses to avoid filtering and blocking (and also from being attacked) by censors. Users can be assigned to random groups and provided with a dynamic IP address of the web server that is unique for that group. After some time interval (called a shuffling interval), the web server can generate new sets of dynamic IP addresses and re-randomize the user groups and update the users with new IP addresses for the web server.

Abstract: Systems and methods are provided to implement moving target defense techniques for transportation systems. The moving target defense techniques can randomly change the IP addresses of the nodes associated with both the vehicles and the corresponding control centers. The nodes for the vehicles and the control centers can be “mobile” nodes that use a “care-of” IP address for communications. The care-of address used by the nodes can be updated through a binding update process. During the binding update process, the one node sends the binding update notice (with a new care-of address) to the care-of address of the other node while maintaining its prior care-of address. The node that receives the binding update notice can send a binding acknowledgement back to the node that sent the binding update. Once the binding acknowledgement is received, the prior care-of address can be removed by the node that sent the binding update.