Abstract:
Moving Target Defense (MTD) technology protects a target system by complicating the attacking process of adversaries. It has been gaining more and more attention with the massive growth of vulnerabilities and the widespread deployment of critical network services. This paper aims to analyze service Mean Time To Failure (MTTF) in a vulnerable network system which suffers attacks from adversaries. The system consists of multiple Physical Machines (PMs), and each PM can support Docker Containers (DCs) to run services. It applies the Dynamic Platform Protection Technique (DPT), a kind of MTD technique, to reduce the impact of attacks on service. A DC can be live-migrated among these PMs in order to provision continuous service to users. We propose a model which captures the service behaviors during service execution in the system. Our model allows both the service residency/execution time at a PM and the service migration time to be generally distributed. We also derive the formula for calculating MTTF, and its approximation accuracy is validated by comparing analytical results with simulation results. Moreover, a formula is proposed to predict the total cost of the system, which helps administrators manage the network system effectively.
Published in: 2019 IEEE Global Communications Conference (GLOBECOM)
Date of Conference: 09-13 December 2019
Date Added to IEEE Xplore: 27 February 2020