Modeling Virtual Machine Migration as a Security Mechanism by using Continuous-Time Markov Chain Model

Kandoussi, El Mehdi; Mir, Iman El; Hanini, Mohamed; Haqiq, Abdelkrim

doi:10.1109/icocs.2019.8930781

Cited by 5 publications

(1 citation statement)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Virtual machines: The techniques imply changing the software stack of a system using virtualization which will lead to changing system characteristics and leverage the ability to defend against attacks [33]. Most VM migrations were deployed for cloud services and enhancement has been done such as using a continuous Markov chain to precisely select the destination server of the virtual machine [34]. In [35], the authors proposed an empirical study of using virtual machines as an MTD and showed that VM migration can significantly mitigate the memory DoS attack.…”

Section: Literature Reviewmentioning

confidence: 99%

A Comprehensive Architectural Framework of Moving Target Defenses Against DDoS Attacks

Amro

Salah

Moreb³

2023

JCSANDM

View full text Add to dashboard Cite

Distributed Denial-of-Service (DDoS) attacks are among the top toughest security threats in today’s cyberspace. The multitude, diversity, and variety of both the attacks and their countermeasures have the consequence that no optimal solutions exist. However, many mitigation techniques and strategies have been proposed among which is Moving Target Defense (MTD). MTD strategy keeps changing the system states and attack surface dynamically by continually applying various systems reconfigurations aiming at increasing the uncertainty and complexity for attackers. Current proposals of MTD fall into one of three strategies: shuffling, diversity, and redundancy, based on what to move? how to move? and when to move? Despite the existence of such strategies, a comprehensive Framework for MTD techniques against DDoS attacks that can be used for all types of DDoS attacks has not been proposed yet. In this paper, we propose a novel and comprehensive Framework of MTD techniques considering all stages, mechanisms, data sources, and criteria adopted by the research community, the Framework will apply to all DDoS attacks on different systems. To efficiently use our proposed model, a comprehensive taxonomy of MTD mitigation techniques and strategies is also provided and can be used as a reference guide for the best selection of the model’s parameters.

show abstract

Section: Literature Reviewmentioning

confidence: 99%