Skip to main content
SpringerLink
Log in

Moving Target Defense Quantification

  • Chapter
  • First Online:
Adversarial and Uncertain Reasoning for Adaptive Cyber Defense

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11830))

Abstract

Moving Target Defense (MTD) has the potential to increase the cost and complexity for threat actors by creating asymmetric uncertainty in the cyber security landscape. The tactical advantages that MTD can provide to the defender have led to the development of a vast array of diverse techniques, which are designed to operate under different constraints and against different classes of threats. Due to the diverse nature of these various techniques and the lack of shared metrics to assess their benefits and cost, comparing multiple techniques is not a trivial task. We addressed this gap by designing a framework to enable a uniform approach to the analysis and quantification of MTD techniques. This framework looks at each MTD technique in terms of the attacker’s knowledge it is capable of compromising, thus enabling direct comparison of any two techniques or set of techniques.

The work presented in this chapter was supported by the Army Research Office under grant W911NF-13-1-0421.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 49.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 64.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://www.trespass-project.eu.

References

  1. Alomari, F., Menascé, D.A.: An autonomic framework for integrating security and quality of service support in databases. In: Proceedings of the 6th International Conference on Software Security and Reliability (SERE 2012), pp. 51–60. IEEE, Gaithersburg, June 2012

    Google Scholar 

  2. Boyd, S.W., Keromytis, A.D.: SQLrand: preventing SQL injection attacks. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 292–302. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24852-1_21

    Chapter  Google Scholar 

  3. Cai, G., Wang, B., Luo, Y., Hu, W.: A model for evaluating and comparing moving target defense techniques based on generalized stochastic Petri Net. In: Wu, J., Li, L. (eds.) ACA 2016. CCIS, vol. 626, pp. 184–197. Springer, Singapore (2016). https://doi.org/10.1007/978-981-10-2209-8_16

    Chapter  Google Scholar 

  4. Carroll, T.E., Crouse, M., Fulp, E.W., Berenhaut, K.S.: Analysis of network address shuffling as a moving target defense. In: IEEE International Conference on Communications (ICC 2014), pp. 701–706. IEEE, Sydney, June 2014

    Google Scholar 

  5. Chen, S.G.: Reduced recursive inclusion-exclusion principle for the probability of union events. In: Proceedings of the IEEE International Conference on Industrial Engineering and Engineering Management (IEEM 2014), pp. 11–13. IEEE, Bandar Sunway, December 2014

    Google Scholar 

  6. Christey, S.: 2011 CWE/SANS top 25 most dangerous software errors (2011). http://cwe.mitre.org/top25/

  7. Connell, W., Albanese, M., Venkatesan, S.: A framework for moving target defense quantification. In: De Capitani di Vimercati, S., Martinelli, F. (eds.) SEC 2017. IAICT, vol. 502, pp. 124–138. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-58469-0_9

    Chapter  Google Scholar 

  8. Connell, W., Menascé, D.A., Albanese, M.: Performance modeling of moving target defenses. In: Proceedings of the 4th ACM Workshop on Moving Target Defense (MTD 2017), pp. 53–63. ACM, Dallas, October 2017

    Google Scholar 

  9. Connell, W., Pham, L.H., Philip, S.: Analysis of concurrent moving target defenses. In: Proceedings of the 5th ACM Workshop on Moving Target Defense (MTD 2018), pp. 21–30. ACM, Toronto, October 2018

    Google Scholar 

  10. Farris, K.A., Cybenko, G.: Quantification of moving target cyber defenses. In: Proceedings of SPIE Defense + Security 2015, Baltimore, MD, USA, April 2015

    Google Scholar 

  11. Howard, M., LeBlanc, D.: Writing Secure Code. Developer Best Practices Series, 2nd edn. Microsoft Press, Redmond (2002)

    Google Scholar 

  12. Jafarian, J.H., Al-Shaer, E., Duan, Q.: Spatio-temporal address mutation for proactive cyber agility against sophisticated attackers. In: Proceedings of the 1st ACM Workshop on Moving Target Defense (MTD 2014), pp. 69–78. ACM, Scottsdale, November 2014

    Google Scholar 

  13. Jajodia, S., Ghosh, A.K., Swarup, V., Wang, C., Wang, X.S. (eds.): Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Advances in Information Security, vol. 54. Springer, New York (2011). https://doi.org/10.1007/978-1-4614-0977-9

    Book  Google Scholar 

  14. Jajodia, S., Noel, S., O’Berry, B.: Topological analysis of network attack vulnerability. In: Kumar, V., Srivastava, J., Lazarevic, A. (eds.) Managing Cyber Threats: Issues, Approaches, and Challenges, Massive Computing, vol. 5, pp. 247–266. Springer, Boston (2005). https://doi.org/10.1007/0-387-24230-9_9

    Chapter  Google Scholar 

  15. Jia, Q., Sun, K., Stavrou, A.: MOTAG: moving target defense against internet denial of service attacks. In: Proceedings of the 22nd International Conference on Computer Communications and Networks (ICCCN 2013). IEEE, Nassau, August 2013

    Google Scholar 

  16. Jia, Q., Wang, H., Fleck, D., Li, F., Stavrou, A., Powell, W.: Catch me if you can: a cloud-enabled DDoS defense. In: Proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2014), pp. 264–275. IEEE, Atlanta, June 2014

    Google Scholar 

  17. Lasdon, L.S., Fox, R.L., Ratner, M.W.: Nonlinear optimization using the generalized reduced gradient method. RAIRO Recherche opérationnelle 8(V3), 73–103 (1974)

    Article  MathSciNet  Google Scholar 

  18. Shacham, H., Page, M., Pfaff, B., Go, E.J., Modadugu, N., Boneh, D.: On the effectiveness of address-space randomization. In: Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS 2004), pp. 298–307. ACM, Washington DC, October 2004

    Google Scholar 

  19. Soule, N., et al.: Quantifying & minimizing attack surfaces containing moving target defenses. In: Proceedings of the Resilience Week (RWS 2015), pp. 220–225. IEEE, Philadelphia, August 2015

    Google Scholar 

  20. Venkatesan, S., Albanese, M., Cybenko, G., Jajodia, S.: A moving target defense approach to disrupting stealthy botnets. In: Proceedings of the 3rd ACM Workshop on Moving Target Defense (MTD 2016), pp. 37–46. ACM, Vienna, October 2016

    Google Scholar 

  21. Wang, L., Islam, T., Long, T., Singhal, A., Jajodia, S.: An attack graph-based probabilistic security metric. In: Atluri, V. (ed.) DBSec 2008. LNCS, vol. 5094, pp. 283–296. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-70567-3_22

    Chapter  Google Scholar 

  22. Ward, B.C., et al.: Survey of cyber moving targets. Technical report 1228. MIT Lincoln Laboratory, Lexington, MA, USA, January 2018

    Google Scholar 

  23. Zaffarano, K., Taylor, J., Hamilton, S.: A quantitative framework for moving target defense effectiveness evaluation. In: Proceedings of the 2nd ACM Workshop on Moving Target Defense (MTD 2015), pp. 3–10. ACM, Denver, October 2015

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. George Mason University, Fairfax, VA, USA

    Massimiliano Albanese & Warren Connell

  2. Perspecta Labs, Basking Ridge, NJ, USA

    Sridhar Venkatesan

  3. Dartmouth College, Hanover, NH, USA

    George Cybenko

Authors
  1. Massimiliano Albanese
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Warren Connell
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sridhar Venkatesan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. George Cybenko
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Massimiliano Albanese .

Editor information

Editors and Affiliations

  1. George Mason University, Fairfax, VA, USA

    Sushil Jajodia

  2. Dartmouth College, Hanover, NH, USA

    George Cybenko

  3. Pennsylvania State University, University Park, PA, USA

    Peng Liu

  4. Army Research Laboratory, Triangle Park, NC, USA

    Cliff Wang

  5. University of Michigan, Ann Arbor, MI, USA

    Michael Wellman

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Albanese, M., Connell, W., Venkatesan, S., Cybenko, G. (2019). Moving Target Defense Quantification. In: Jajodia, S., Cybenko, G., Liu, P., Wang, C., Wellman, M. (eds) Adversarial and Uncertain Reasoning for Adaptive Cyber Defense. Lecture Notes in Computer Science(), vol 11830. Springer, Cham. https://doi.org/10.1007/978-3-030-30719-6_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-30719-6_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30718-9

  • Online ISBN: 978-3-030-30719-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation