ABSTRACT
Moving Target Defense (MTD) is a game-changing method to thwart adversaries and reverse the imbalance in network countermeasures. Introducing the Attack Surface (AS) into MTD security assessment brings productive concepts to qualitative and quantitative analysis. The quantification of MTD effectiveness and cost (E&C) has been researched using simulation models and emulation testbeds in order to give accurate and reliable results for MTD technologies. However, the lack of system-view evaluation impedes MTD from moving toward large-scale applications. In this paper, a System Attack Surface Based Quantification Framework (SASQF) is proposed to establish a system-view based framework for further research in Attack Surface and MTD E&C quantification, and a simulated model based on SASQF is developed to provide illustrations and software simulation methods. A typical client/server (C/S) scenario and Cyber Kill Chain (CKC) attacks are presented in a case study, and several simulated results are given. From the simulated results, IP mutation frequency is the key factor in increasing the adversary's consumption, while the IP mutation pool is not the principal factor in thwarting adversaries in the reconnaissance and delivery steps of the CKC. For system user operational cost, IP mutation frequency influences legitimate connections in relative terms under an ideal link state without delay, packet loss, and jitter. The simulated model based on SASQF also provides a basic method for finding the optimal IP mutation frequency through simulations.
A System Attack Surface Based MTD Effectiveness and Cost Quantification Framework