In this paper, we propose a scalable and seamless connection migration scheme for moving target defense in legacy networks. The main idea is that a host is allowed to receive incoming packets with a destination address that is either its current IP address or its previous IP address for a period of time because the host does not physically move into another network. Experimental results show that our scheme outperforms the existing connection migration mechanism regardless of the number of active connections in the host.

The ability to recognize quickly inside network flows to be executable is prerequisite for malware detection. For this purpose, we introduce an instruction transition probability matrix (ITPX) which is comprised of the IA-32 instruction sets and reveals the characteristics of executable code's instruction transition patterns. And then, we propose a simple algorithm to detect executable code inside network flows using a reference ITPX which is learned from the known Windows Portable Executable files. We have tested the algorithm with more than thousands of executable and non-executable codes. The results show that it is very promising enough to use in real world.

In this Letter, we investigate the loss performance of a discrete-time single-server queueing system with periodic vacations, with which we are often confronted in traffic control, such as cell scheduling or priority control schemes, at ATM nodes. Explicit expressions are derived for the cell loss ratio in terms of the distribution of the buffer contents in an infinite capacity queue.