Towards a Theory of Moving Target Defense

Zhuang, Rui; DeLoach, Scott A.; Ou, Xinming

doi:10.1145/2663474.2663479

Cited by 188 publications

(103 citation statements)

References 27 publications

Supporting

Mentioning

101

Contrasting

Unclassified

Order By: Relevance

“…In addition, the authors enhanced their GAbased MTD to change computer configurations by changing mutation as well as using the feedback about system security status [84]. Zhuang et al [172] also used a GA to generate system configurations with high diversity for maximizing system security.…”

Section: B Genetic Algorithm-based Mtdmentioning

confidence: 99%

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

Cho

Sharma

Alavizadeh

et al. 2020

IEEE Commun. Surv. Tutorials

175

View full text Add to dashboard Cite

Reactive defense mechanisms, such as intrusion detection systems, have made significant efforts to secure a system or network for the last several decades. However, the nature of reactive security mechanisms has limitations because potential attackers cannot be prevented in advance. We are facing a reality with the proliferation of persistent, advanced, intelligent attacks while defenders are often way behind attackers in taking appropriate actions to thwart potential attackers. The concept of moving target defense (MTD) has emerged as a proactive defense mechanism aiming to prevent attacks. In this work, we conducted a comprehensive, in-depth survey to discuss the following aspects of MTD: key roles, design principles, classifications, common attacks, key methodologies, important algorithms, metrics, evaluation methods, and application domains. We discuss the pros and cons of all aspects of MTD surveyed in this work. Lastly, we highlight insights and lessons learned from this study and suggest future work directions. The aim of this paper is to provide the overall trends of MTD research in terms of critical aspects of defense systems for researchers who seek for developing proactive, adaptive MTD mechanisms.

show abstract

Section: B Genetic Algorithm-based Mtdmentioning

confidence: 99%

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

Cho

Sharma

Alavizadeh

et al. 2020

IEEE Commun. Surv. Tutorials

175

View full text Add to dashboard Cite

show abstract

“…Their simulation results show the potential for MTD to be effective in preventing attacks against computer networks. Furthermore, they proposed a formal theory to describe the MTD system and its basic properties and formalized the MTD entropy hypothesis, which states that the greater the entropy of the system configuration, the more effective the MTD system [22,23]. Stallings proposed the use of SDN in the implementation of MTD mitigations.…”

Section: Related Workmentioning

confidence: 99%

CHAOS: An SDN-Based Moving Target Defense System

Shi

Zhang

Wang

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

Moving target defense (MTD) has provided a dynamic and proactive network defense to reduce or move the attack surface that is available for exploitation. However, traditional network is difficult to realize dynamic and active security defense effectively and comprehensively. Software-defined networking (SDN) points out a brand-new path for building dynamic and proactive defense system. In this paper, we propose CHAOS, an SDN-based MTD system. Utilizing the programmability and flexibility of SDN, CHAOS obfuscates the attack surface including host mutation obfuscation, ports obfuscation, and obfuscation based on decoy servers, thereby enhancing the unpredictability of the networking environment. We propose the Chaos Tower Obfuscation (CTO) method, which uses the Chaos Tower Structure (CTS) to depict the hierarchy of all the hosts in an intranet and define expected connection and unexpected connection. Moreover, we develop fast CTO algorithms to achieve a different degree of obfuscation for the hosts in each layer. We design and implement CHAOS as an application of SDN controller. Our approach makes it very easy to realize moving target defense in networks. Our experimental results show that a network protected by CHAOS is capable of decreasing the percentage of information disclosure effectively to guarantee the normal flow of traffic.

show abstract

“…Zhuang [33,36] made a first attempt using Markov models to analyze MTD strategies; each state in the proposed Markov model represents the complete configuration of the whole system which means that the number of states in the Markov model grows exponentially in the number of machines in the system. This attempt being too complex, Zhuang [33,35] considers an attack graph as a Markov model where transitions are labeled with a probability density and where nodes keep track of the machine's configuration together with necessary overall system parameters of which the probability densities are a function.…”

Section: Related Workmentioning

confidence: 99%

Markov Modeling of Moving Target Defense Games

Maleki

Valizadeh

Koch

et al. 2016

Proceedings of the 2016 ACM Workshop on Moving Target Defense

View full text Add to dashboard Cite

We introduce a Markov-model-based framework for Moving Target Defense (MTD) analysis. The framework allows modeling of broad range of MTD strategies, provides general theorems about how the probability of a successful adversary defeating an MTD strategy is related to the amount of time/cost spent by the adversary, and shows how a multi-level composition of MTD strategies can be analyzed by a straightforward combination of the analysis for each one of these strategies. Within the proposed framework we define the concept of security capacity which measures the strength or effectiveness of an MTD strategy: the security capacity depends on MTD specific parameters and more general system parameters. We apply our framework to two concrete MTD strategies.

show abstract

Towards a Theory of Moving Target Defense

Cited by 188 publications

References 27 publications

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

CHAOS: An SDN-Based Moving Target Defense System

Markov Modeling of Moving Target Defense Games

Contact Info

Product

Resources

About