Browse Prior Art Database

Improving Security by changing IP address regularly with IP address detection and notification tools

IP.com Disclosure Number: IPCOM000131719D
Original Publication Date: 2005-Nov-17
Included in the Prior Art Database: 2005-Nov-17
Document File: 3 page(s) / 71K

Publishing Venue

IBM

Abstract

Disclosed is a new method for improving security by changing an IP address regularly and notifying the registered users of the new address. Systems accessed from the Internet normally publish a fixed IP address so that everybody can access the system with the same IP address. Yet, this approach can create a vulnerability in network security in that hackers can target a system forever once they know the IP address. From the security point of view, ideally, it is better to change the IP address regularly for the same security reasons we change any password.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 54% of the total text.

Page 1 of 3

Improving Security by changing IP address regularly with IP address detection and notification tools

Disclosed is a new method for improving security by changing an IP address regularly and notifying the registered users of the new address.

Systems accessed from the Internet normally publish a fixed IP address so that everybody can access the system with the same IP address. Yet, this approach can create a vulnerability in network security in that hackers can target a system forever once they know the IP address. From the security point of view, ideally, it is better to change the IP address regularly for the same security reasons we change any password.

To implement changing the IP address regularly, a dynamic IP address must be used instead of a fixed IP address. However, there is a problem in that a dynamic IP address can be changed and then the users cannot access the system with the address they used previously.

To resolve this problem, two functions must be implemented.
1) Continuously checking whether or not the IP address has been changed, since a dynamic IP address can be changed at any time in response to events, such as when a network connection is terminated and reestablished.
2) Notifying only the registered users of the currently available IP address. This would also strengthen security in comparison to publishing an IP address to all Internet users.

The new method consists of three parts.


1) Intentionally changing the global IP address regularly.
2) Regularly checking whether or not the dynamic IP address has been changed to detect unexpected address changes.
3) Notifying the registered users of the new IP address after detecting an IP address change.

Figure 1 depicts an actual flow in our environment.
1) Changing the IP address once a week.
2) Checking for a change of the IP address once each hour.
3) Notifying the registered users of the new address.

Then the users can access the system.

Figure 2 depicts the program flow.

The steps from 1.1) to 1.9) show terminating and restarting the PPP connection to change the IP address.
1.1) Start a Web browser and input the local URL to show the PPP screen to restart the network connection.
1.2) Input the user id and password.
1.3) Press the terminate button to terminate the network connection and sleep for 30 seconds.
1.4) Input the local URL to show the PPP screen to restart the network connec...