MOTAG: Moving Target Defense against Internet Denial of Service Attacks

Jia, Quan; Sun, Kun; Stavrou, Angelos

doi:10.1109/icccn.2013.6614155

Cited by 94 publications

(70 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• What to move: 'What to move' refers to what system configuration attribute (i.e., attack surface) can be dynamically changed to confuse attackers. The example system or network attributes that can be changed include instruction sets [86,123], address space layouts [135], IP addresses [3,10,79,88,138], port numbers [97], proxies [83], virtual machines [165,20], operating systems [148], or software programs [76]. Table III summarizes the moving elements by MTD techniques in different system layers [4,69].…”

Section: B Key Design Principlesmentioning

confidence: 99%

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

Cho

Sharma

Alavizadeh

et al. 2020

IEEE Commun. Surv. Tutorials

206

View full text Add to dashboard Cite

Reactive defense mechanisms, such as intrusion detection systems, have made significant efforts to secure a system or network for the last several decades. However, the nature of reactive security mechanisms has limitations because potential attackers cannot be prevented in advance. We are facing a reality with the proliferation of persistent, advanced, intelligent attacks while defenders are often way behind attackers in taking appropriate actions to thwart potential attackers. The concept of moving target defense (MTD) has emerged as a proactive defense mechanism aiming to prevent attacks. In this work, we conducted a comprehensive, in-depth survey to discuss the following aspects of MTD: key roles, design principles, classifications, common attacks, key methodologies, important algorithms, metrics, evaluation methods, and application domains. We discuss the pros and cons of all aspects of MTD surveyed in this work. Lastly, we highlight insights and lessons learned from this study and suggest future work directions. The aim of this paper is to provide the overall trends of MTD research in terms of critical aspects of defense systems for researchers who seek for developing proactive, adaptive MTD mechanisms.

show abstract

Section: B Key Design Principlesmentioning

confidence: 99%

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

Cho

Sharma

Alavizadeh

et al. 2020

IEEE Commun. Surv. Tutorials

206

View full text Add to dashboard Cite

show abstract

“…Figure 2 shows the HARM of the virtualized system. The AT shown in Figure 2 for V M 1 (as shown in Table 1 [14], [15], [16] Application [17], [18] Diversity Topology [19], [20] Application [21], [22], [23], [24], [25], [26] Redundancy Topology [27], [28] Application [29], [30], [31], [32] …”

Section: Generating a Harmmentioning

confidence: 99%

“…At the application layer, Vikram et al [17] randomized HTML elements to mitigate web bots. Jia et al [18] showed the secure service access for clients by relocating secret proxies and shuffling client-to-proxy assignments.…”

Section: Related Workmentioning

confidence: 99%

“…The Shuffle technique rearranges the system setting in various layers (e..g., address ran-domization, migration, topology rearrangements) [12], [13], [14], [15], [16], [17], [18]. The Diversity technique provides equivalent functions with different implementations (e.g., operating systems, variant inputs and interpreters, variant software stack components) [19], [20], [21], [22], [23], [24], [25], [26].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Assessing the Effectiveness of Moving Target Defenses Using Security Models

Hong

Kim

2016

IEEE Trans. Dependable and Secure Comput.

137

View full text Add to dashboard Cite

Cyber crime is a developing concern, where criminals are targeting valuable assets and critical infrastructures within networked systems, causing a severe socio-economic impact on enterprises and individuals. Adopting Moving Target Defense (MTD) helps thwart cyber attacks by continuously changing the attack surface. There are numerous MTD techniques proposed in various domains (e.g., virtualized network, wireless sensor network), but there is still a lack of methods to assess and compare the effectiveness of them. Security models, such as an Attack Graph (AG), provide a formal method of analyzing the security, but incorporating MTD techniques in those security models has not been studied. In this paper, we incorporate MTD techniques into a security model, namely a Hierarchical Attack Representation Model (HARM), to assess the effectiveness of them. In addition, we use importance measures (IMs) for deploying MTD techniques to enhance the scalability. Finally, we compare the scalability of AG and HARM when deploying MTD techniques, as well as changes in performance and security in our experiments.

show abstract

“…Hence, besides keeping up with novel and advanced techniques for identifying and patching system vulnerabilities, detecting malware, and building new systems with security embedded from scratch, exploits, e.g., address space randomization (ASLR) [2][3][4] and instruction set randomization (ISR) [5,6]. Higher level MTD approaches have been mainly based on diversity-inspired software assignment [7][8][9], system and network re-configuration, substitution, and shuffling techniques [10][11][12][13]. In military environments, frequency hopping techniques such as Frequency Hopping Spread Spectrum (FHSS) [14] has been used to defend against eavesdropping and radio jamming for long time.…”

Section: Introductionmentioning

confidence: 99%

An Evaluation Framework for Moving Target Defense Based on Analytic Hierarchy Process

Huang¹,

Zhu²,

Yang³

2018

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

A Moving Target Defense (MTD)-enabled system is one which can dynamically and rapidly change its properties and code such that the attackers do not have sufficient time to exploit it. Although a variety of MTD systems have been proposed, few work has focused on assessing the relative cost-effectiveness of different MTD approaches. In this paper, based on a generic MTD theory, we propose five general evaluation metrics and an assessment framework on top of Analytic Hierarchy Process (AHP), which aggregates these five metrics and systematically evaluates/compares security strengths and costs of multiple MTD-based approaches in the same category. This framework could be widely used in different MTD categories under various attacks and it will enable a security specialist to choose the best MTD approach from a set of possible alternatives based on his/her goal and understanding of the problem. A detailed case study on a specific MTD category called software diversification validates the effectiveness of this framework. Our evaluation results rank three software diversity algorithms and choose the best one among three based on problem setting and situation constraints.

show abstract

MOTAG: Moving Target Defense against Internet Denial of Service Attacks

Cited by 94 publications

References 20 publications

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

Assessing the Effectiveness of Moving Target Defenses Using Security Models

An Evaluation Framework for Moving Target Defense Based on Analytic Hierarchy Process

Contact Info

Product

Resources

About