Defensive Maneuver Cyber Platform Modeling with Stochastic Petri Nets

Abstract: Distributed and parallel applications are critical information technology systems in multiple industries, including academia, military, government, financial, medical, and transportation. These applications present target rich environments for malicious attackers seeking to disrupt the confidentiality, integrity and availability of these systems. Applying the military concept of defense cyber maneuver to these systems can provide protection and defense mechanisms that allow survivability and operational contin… Show more

“…Existing works include MUTE (Al-Shaer, 2011), multi-layer Han et al (2014) Theoretical analysis E Provide a general approach for using cyber epidemic dynamics and two metrics to characterize the power of MTDs c Evans et al (2011) A game model E Consider five attacking scenarios (circumvention attacks, deputy attacks, brute force and entropy reduction attacks, probing attacks, and incremental attacks) to evaluate the effectiveness of dynamic diversity defenses and conclude that MTD is not always effective c Xu et al (2014) A three-layer model E Provide a general model to evaluate the effectiveness of MTDs. Furthermore, this model can be used to compare the effects of different MTDs c Moody et al (2014) Stochastic Petri nets model E-F Evaluate the benefits of the maneuverability for the defensive maneuver cyber platform, which uses MTD and deceptive defense. Furthermore, identify that the ratio of deceptive to operational nodes and the transition firing rate can influence the defense effect d Carroll et al (2014) Urn models and simulation E-F Analyze the effectiveness of network address shuffling.…”

“…It is the first approach to evaluate and compare the effectiveness of different MTD techniques; however, it is too complicated for users. Moody et al (2014) used stochastic Petri nets (SPNs) to model and evaluate a defensive maneuver cyber platform, which uses MTD and deceptive defense tactics. Through the use of SPNs to model each node comprising the platform and the whole platform system, they discussed the trade-offs between security and operations in the defensive maneuver cyber platform, specifically identifying the impact of the transition firing rate.…”

Moving target defense: state of the art and characteristics

“…Existing works include MUTE (Al-Shaer, 2011), multi-layer Han et al (2014) Theoretical analysis E Provide a general approach for using cyber epidemic dynamics and two metrics to characterize the power of MTDs c Evans et al (2011) A game model E Consider five attacking scenarios (circumvention attacks, deputy attacks, brute force and entropy reduction attacks, probing attacks, and incremental attacks) to evaluate the effectiveness of dynamic diversity defenses and conclude that MTD is not always effective c Xu et al (2014) A three-layer model E Provide a general model to evaluate the effectiveness of MTDs. Furthermore, this model can be used to compare the effects of different MTDs c Moody et al (2014) Stochastic Petri nets model E-F Evaluate the benefits of the maneuverability for the defensive maneuver cyber platform, which uses MTD and deceptive defense. Furthermore, identify that the ratio of deceptive to operational nodes and the transition firing rate can influence the defense effect d Carroll et al (2014) Urn models and simulation E-F Analyze the effectiveness of network address shuffling.…”

“…It is the first approach to evaluate and compare the effectiveness of different MTD techniques; however, it is too complicated for users. Moody et al (2014) used stochastic Petri nets (SPNs) to model and evaluate a defensive maneuver cyber platform, which uses MTD and deceptive defense tactics. Through the use of SPNs to model each node comprising the platform and the whole platform system, they discussed the trade-offs between security and operations in the defensive maneuver cyber platform, specifically identifying the impact of the transition firing rate.…”

Moving target defense: state of the art and characteristics

“…The main methods in the research of security evaluation model of MTD systems are Markov stochastic process and stochastic Petri net. Moody et al [15] put forward a stochastic Petri-net evaluation model that can be used to understand, evaluate and optimize the cost and benefit of MTD systems in a distributed application environment, and can be used for security assessment of critical infrastructure in cyberspace. Zhuang et al [16] proposed an analysis model based on Markov chain, which combines network node configuration, adaptation interval and number of nodes in each interval to calculate the probability of successful MTD attack.…”

A Generalized Information Security Model SOCMD for CMD Systems

“…Moody W, et al [23] analyzes the tradeoffs between security and operations using a Stochastic petri net (SPN) model of a defensive maneuver cyber platform. Robert Mitchell et al [24] develops an analytical model based on stochastic Petri nets to capture the dynamics between adversary behavior and defense for cyber physical systems. Guilin Cai, et al [25] develops a generalized abstract performance evaluation model for Moving target defense using Generalized stochastic petri net (GSPN).…”

Performance Modeling Based on GSPN for Cyberspace Mimic DNS