Repeatable Experimentation for Cybersecurity Moving Target Defense

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2021)

Abstract

The scientific method emphasizes that repeatable experimentation is critical for several reasons: to facilitate comparative analysis, to recreate experiments, to re-validate reported results, to critique and propose improvements, and to augment the work. In the field of cybersecurity moving target defense, where assets are shuffled to thwart attackers, it is critical to know what strategies work best, the success factors, and how these strategies may impact system performance. While some researchers make their algorithms, models, and tools available as open source, it is difficult and, in some cases, impossible to recreate studies due to the lack of the original operating environment or no support for software components used within that environment.

In this paper, we present the repeatable experimentation system (RES), which aids in creating and recreating networked virtual environments to conduct comparative network studies. Experiments are composed of virtual machines, containers, automation scripts, and other artifacts that are needed to recreate and re-run a study. This includes data collection and analysis. We provide a case study where we incorporate two publicly available moving target defense implementations that use different underlying software components. We present how RES can be used for fully automated experimentation along with an analysis of the results obtained from parallel and sequential executions. We have packaged the case study into a RES file that can be used by other researchers to repeat, modify, and improve on these and other works.

Notes

  1. Available at: https://github.com/ARL-UTEP-OC/res.

  2. Available at: https://github.com/ARL-UTEP-OC/res-ryu-mtd.

  3. Available at: https://github.com/pschmitt/guacapy.

Author information

Corresponding author

Correspondence to Jaime C. Acosta.

Copyright information

© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Acosta, J.C., Clarke, L., Medina, S., Akbar, M., Shahriar Hossain, M., Free-Nelson, F. (2021). Repeatable Experimentation for Cybersecurity Moving Target Defense. In: Garcia-Alfaro, J., Li, S., Poovendran, R., Debar, H., Yung, M. (eds) Security and Privacy in Communication Networks. SecureComm 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 398. Springer, Cham. https://doi.org/10.1007/978-3-030-90019-9_5

  • DOI: https://doi.org/10.1007/978-3-030-90019-9_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-90018-2

  • Online ISBN: 978-3-030-90019-9

  • eBook Packages: Computer Science (R0)
