research-article

A critical view on moving target defense and its analogies

Authors:

Alexander Bajic,

Georg T. BeckerAuthors Info & Claims

CF '20: Proceedings of the 17th ACM International Conference on Computing Frontiers

Pages 277 - 283

https://doi.org/10.1145/3387902.3397225

Published: 23 May 2020 Publication History

Abstract

In the last decade the Moving Target Defense (MTD) has gained popularity as a new cyber security defense paradigm. Moving Target Defense (MTD) intends to change the (presumable) information asymmetry between attacker and defender in favor of the defender by constantly changing a network's appearance as to invalidate previously acquired information. Many papers discussing MTD have been proposed and in recent years MTD techniques for a wide range of applications in enterprise networks, Cloud environments, IoT, automotive CAN buses and smart grids have been proposed. In these papers, MTD is often introduced as a "game changer" and explained with help of nice figurative analogies. Yet, how useful are these repeated changes really to deter the attacker? And even more importantly, could it not be that there are downsides to the constant changes that, ultimately, degrade security? In this position paper we argue that one needs to have a more critical and open minded view on MTD. There are MTD techniques that improve security. But we also provide several examples where they reduce security or where movement does not matter at all and is only introduced as to label a given technique as MTD.

References

[1]

[n.d.]. US DHS Homepage. https://www.dhs.gov/science-and-technology/csd-mtd. [Online; accessed 6-March-2020].

[2]

O. Abdel Wahab, J. Bentahar, H. Otrok, and A. Mourad. 2019. Resource-Aware Detection and Defense System Against Multi-Type Attacks in the Cloud: Repeated Bayesian Stackelberg Game. IEEE Transactions on Dependable and Secure Computing (2019), 1--1.

Digital Library

[3]

Noor O. Ahmed and Bharat Bhargava. 2016. Mayflies: A Moving Target Defense Framework for Distributed Systems. In Proceedings of the 2016 ACM Workshop on Moving Target Defense (Vienna, Austria) (MTD '16). ACM, 59--64.

Digital Library

[4]

N. O. Ahmed and B. Bhargava. 2018. From Byzantine Fault-Tolerance to Fault-Avoidance: An Architectural Transformation to Attack and Failure Resiliency. IEEE Transactions on Cloud Computing (2018), 1--1.

[5]

N. O. Ahmed and B. Bhargava. 2020. Bio-inspired Formal Model for Space/Time Virtual Machine Randomization and Diversification. IEEE Transactions on Cloud Computing (2020), 1--1.

[6]

Airwolfhound. [n.d.]. Starling Murmuration - Eastbridge. https://www.flickr.com/photos/24874528@N04/45519155125/. [Online; accessed 23-April-2020].

[7]

Hooman Alavizadeh, Dong Seong Kim, Jin B. Hong, and Julian Jang-Jaccard. 2017. Effective Security Analysis for Combinations of MTD Techniques on Cloud Computing (Short Paper). In Information Security Practice and Experience. Springer, 539--548.

[8]

Hooman Alavizadeh, Dong Seong Kim, and Julian Jang-Jaccard. 2019. Modelbased evaluation of combinations of Shuffle and Diversity MTD techniques on the cloud. Future Generation Computer Systems (2019).

[9]

Ramazan Algin, Huseyin O. Tan, and Kemal Akkaya. 2017. Mitigating Selective Jamming Attacks in Smart Meter Data Collection Using Moving Target Defense. In Proceedings of the 13th ACM Symposium on QoS and Security for Wireless and Mobile Networks (Miami, Florida, USA) (Q2SWinet '17). ACM, 1--8.

Digital Library

[10]

H. M. J. Almohri, L. T. Watson, and D. Evans. 2018. Misery Digraphs: Delaying Intrusion Attacks in Obscure Clouds. IEEE Transactions on Information Forensics and Security 13, 6 (June 2018), 1361--1375.

[11]

N. Anderson, R. Mitchell, and I. R. Chen. 2016. Parameterizing Moving Target Defenses. In 2016 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS). 1--6.

[12]

Alexander Bajic and Georg T. Becker. 2018. Attack Simulation for a Realistic Evaluation and Comparison of Network Security Techniques. In Secure IT Systems. Springer, 236--254.

[13]

Stephen W. Boyd and Angelos D. Keromytis. 2004. SQLrand: Preventing SQL Injection Attacks. In Applied Cryptography and Network Security. Springer Berlin Heidelberg, Berlin, Heidelberg, 292--302.

[14]

Valentina Casola, Alessandra De Benedictis, and Massimiliano Albanese. 2013. A moving target defense approach for protecting resource-constrained distributed devices. In IEEE 14th International Conference on Information Reuse & Integration (IRI). IEEE.

[15]

S. Chang, Y. Park, and B. B. Ashok Babu. 2019. Fast IP Hopping Randomization to Secure Hop-by-Hop Access in SDN. IEEE Transactions on Network and Service Management 16, 1 (March 2019), 308--320.

Digital Library

[16]

Ankur Chowdhary, Adel Alshamrani, Dijiang Huang, and Hongbin Liang. 2018. MTD Analysis and Evaluation Framework in Software Defined Network (MASON). In Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization (Tempe, AZ, USA) (SDN-NFV Sec '18). ACM, 43--48.

Digital Library

[17]

Warren Connell, Massimiliano Albanese, and Sridhar Venkatesan. 2017. A Framework for Moving Target Defense Quantification. In IFIP International Conference on ICT Systems Security and Privacy Protection. Springer, 124--138.

[18]

Warren Connell, Daniel A. Menascé, and Massimiliano Albanese. 2017. Performance Modeling of Moving Target Defenses. In Proceedings of the 2017 Workshop on Moving Target Defense (Dallas, Texas, USA) (MTD 17). ACM, 53--63.

Digital Library

[19]

M. Dunlop, S. Groat, W. Urbanski, R. Marchany, and J. Tront. 2011. MT6D: A Moving Target IPv6 Defense. In 2011 - MILCOM 2011 Military Communications Conference. 1321--1326.

[20]

J. B. Hong and D. S. Kim. 2016. Assessing the Effectiveness of Moving Target Defenses Using Security Models. IEEE Transactions on Dependable and Secure Computing 13, 2 (March 2016), 163--177.

Digital Library

[21]

White House. 2011. Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program. Report of the National Science and Technology Council, Executive Office of the President (2011).

[22]

Todd Jackson, Andrei Homescu, Stephen Crane, Per Larsen, Stefan Brunthaler, and Michael Franz. 2013. Diversifying the Software Stack Using Randomized NOP Insertion. In Moving Target Defense II. Springer New York, New York, NY, 151--173.

[23]

Todd Jackson, Babak Salamat, Andrei Homescu, Karthikeyan Manivannan, Gregor Wagner, Andreas Gal, Stefan Brunthaler, Christian Wimmer, and Michael Franz. 2011. Compiler-Generated Software Diversity. Springer New York, New York, NY, 77--98.

[24]

X. Jiang, H. J. Wangz, D. Xu, and Y. M. Wang. 2007. RandSys: Thwarting Code Injection Attacks with System Service Interface Randomization. In 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007). 209--218.

[25]

David J. John, Robert W. Smith, William H. Turkett, Daniel A. Cañas, and Errin W. Fulp. 2014. Evolutionary Based Moving Target Cyber Defense. In Proceedings of the Companion Publication of the 2014 Annual Conference on Genetic and Evolutionary Computation (Vancouver, BC, Canada) (GECCO Comp '14). ACM, 1261--1268.

Digital Library

[26]

Gaurav S. Kc, Angelos D. Keromytis, and Vassilis Prevelakis. 2003. Countering Code-injection Attacks with Instruction-set Randomization. In Proceedings of the 10th ACM Conference on Computer and Communications Security (Washington D.C., USA) (CCS '03). ACM, 272--280.

Digital Library

[27]

D. Kewley, R. Fink, J. Lowry, and M. Dean. 2001. Dynamic approaches to thwart adversary intelligence gathering. In DARPA Information Survivability Conference amp; Exposition II, 2001. DISCEX '01, Vol. 1. 176--185 vol.1.

[28]

Cheng Lei, Hong-Qi Zhang, Li-Ming Wan, Lu Liu, and Duo he Ma. 2018. Incomplete information Markov game theoretic approach to strategy generation for moving target defense. Computer Communications 116 (2018), 184 -- 199.

[29]

Jason Li, Justin Yackoski, and Nicholas Evancich. 2016. Moving Target Defense: A Journey from Idea to Product. In Proceedings of the 2016 ACM Workshop on Moving Target Defense (Vienna, Austria) (MTD '16). ACM, 69--79.

Digital Library

[30]

Brian Lucas, Errin W. Fulp, David J. John, and Daniel Cañas. 2014. An Initial Framework for Evolving Computer Configurations As a Moving Target Defense. In Proceedings of the 9th Annual Cyber and Information Security Research Conference (Oak Ridge, Tennessee, USA) (CISR '14). ACM, 69--72.

Digital Library

[31]

Douglas C. MacFarland and Craig A. Shue. 2015. The SDN Shuffle: Creating a Moving-Target Defense Using Host-based Software-Defined Networking. In Proceedings of the Second ACM Workshop on Moving Target Defense (Denver, Colorado, USA) (MTD '15). ACM, 37--41.

Digital Library

[32]

Hoda Maleki, Saeed Valizadeh, William Koch, Azer Bestavros, and Marten van Dijk. 2016. Markov Modeling of Moving Target Defense Games. In Proceedings of the 2016 ACM Workshop on Moving Target Defense (Vienna, Austria) (MTD '16). ACM, 81--92.

Digital Library

[33]

J. Narantuya, S. Yoon, H. Lim, J. Cho, D. S. Kim, T. Moore, and F. Nelson. 2019. SDN-Based IP Shuffling Moving Target Defense with Multiple SDN Controllers. In 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume (DSN-S). 15--16.

[34]

F. Nizzi, T. Pecorella, F. Esposito, L. Pierucci, and R. Fantacci. 2019. IoT Security via Address Shuffling: The Easy Way. IEEE Internet of Things Journal 6, 2 (April 2019), 3764--3774.

[35]

H. Okhravi, T. Hobson, D. Bigelow, and W. Streilein. 2014. Finding Focus in the Blur of Moving-Target Techniques. IEEE Security Privacy 12, 2 (Mar 2014), 16--26.

[36]

Oxfordian. [n.d.]. Landscape with deerstand. https://www.flickr.com/photos/oxfordian/11694201383/. [Online; accessed 23-April-2020].

[37]

Georgios Portokalidis and Angelos D. Keromytis. 2010. Fast and Practical Instruction-set Randomization for Commodity Systems. In Proceedings of the 26th Annual Computer Security Applications Conference (Austin, Texas, USA) (ACSAC '10). ACM, 41--48.

Digital Library

[38]

Achintya Prakash and Michael P. Wellman. 2015. Empirical Game-Theoretic Analysis for Moving Target Defense. In Proceedings of the Second ACM Workshop on Moving Target Defense (Denver, Colorado, USA) (MTD '15). ACM, 57--65.

Digital Library

[39]

M. Taguinod, A. Doupé, Z. Zhao, and G. J. Ahn. 2015. Toward a Moving Target Defense for Web Applications. In 2015 IEEE International Conference on Information Reuse and Integration. 510--517.

Digital Library

[40]

Joshua Taylor, Kara Zaffarano, Ben Koller, Charlie Bancroft, and Jason Syversen. 2016. Automated Effectiveness Evaluation of Moving Target Defenses: Metrics for Missions and Attacks. In Proceedings of the 2016 ACM Workshop on Moving Target Defense (Vienna, Austria) (MTD '16). ACM, 129--134.

Digital Library

[41]

PaX Team. 2001. PaX address space layout randomization (ASLR). (2001).

[42]

M. Thompson, N. Evans, and V. Kisekka. 2014. Multiple OS rotational environment an implemented Moving Target Defense. In 2014 7th International Symposium on Resilient Control Systems (ISRCS). 1--6.

[43]

Satya Gautam Vadlamudi, Sailik Sengupta, Marthony Taguinod, Ziming Zhao, Adam Doupé, Gail-Joon Ahn, and Subbarao Kambhampati. 2016. Moving Target Defense for Web Applications Using Bayesian Stackelberg Games: (Extended Abstract). In Proceedings of the 2016 International Conference on Autonomous Agents and Multiagent Systems (Singapore, Singapore) (AAMAS '16). International Foundation for Autonomous Agents and Multiagent Systems, Richland, SC, 1377--1378. http://dl.acm.org/citation.cfm?id=2937029.2937168

Digital Library

[44]

Sridhar Venkatesan, Massimiliano Albanese, George Cybenko, and Sushil Jajodia. 2016. A Moving Target Defense Approach to Disrupting Stealthy Botnets. In Proceedings of the 2016 ACM Workshop on Moving Target Defense (Vienna, Austria) (MTD '16). ACM, 37--46.

Digital Library

[45]

S. Wang, H. Shi, Q. Hu, B. Lin, and X. Cheng. 2020. Moving Target Defense for Internet of Things Based on the Zero-Determinant Theory. IEEE Internet of Things Journal 7, 1 (Jan 2020), 661--668.

[46]

Bryan C Ward, Steven R Gomez, Richard Skowyra, David Bigelow, Jason Martin, James Landry, and Hamed Okhravi. 2018. Survey of Cyber Moving Targets Second Edition. Technical Report. MIT Lincoln Laboratory Lexington United States.

[47]

Samuel Woo, Daesung Moon, Taek-Young Youn, Yousik Lee, and Yongeun Kim. 2019. CAN ID shuffling technique (cist): Moving target defense strategy for protecting in-vehicle CAN. IEEE Access 7 (2019), 15521--15536.

[48]

B. Wu, Y. Ma, L. Fan, and F. Qian. 2018. Binary Software Randomization Method Based on LLVM. In 2018 IEEE International Conference of Safety Produce Informatization (IICSPI). 808--811.

[49]

X. Xiong, L. Yang, and G. Zhao. 2019. Effectiveness Evaluation Model of Moving Target Defense Based on System Attack Surface. IEEE Access 7 (2019), 9998--10014.

[50]

K. Zeitz, M. Cantrell, R. Marchany, and J. Tront. 2018. Changing the Game: A Micro Moving Target IPv6 Defense for the Internet of Things. IEEE Wireless Communications Letters 7, 4 (Aug 2018), 578--581.

[51]

Huan Zhang, Kangfeng Zheng, Xiaodan Yan, Shoushan Luo, and Bin Wu. 2020. Moving Target Defense Against Injection Attacks. In Algorithms and Architectures for Parallel Processing. Springer International Publishing, Cham, 518--532.

Digital Library

[52]

J. Zheng and A. Siami Namin. 2019. Enforcing Optimal Moving Target Defense Policies. In 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), Vol. 1. 753--759.

[53]

Rui Zhuang, Scott A. DeLoach, and Xinming Ou. 2014. Towards a Theory of Moving Target Defense. In Proceedings of the First ACM Workshop on Moving Target Defense (Scottsdale, Arizona, USA) (MTD '14). ACM, 31--40.

Digital Library

[54]

Rui Zhuang, Su Zhang, Scott A. DeLoach, Xinming Ou, and Anoop Singhal. 2012. Simulation-based Approaches to Studying Effectiveness of Moving-Target Network Defense. In National Symposium on Moving Target Research (Annapolis, MD, USA). NIST. https://www.nist.gov/publications/simulation-based-approaches-studying-effectiveness-moving-target-network-defense

Cited By

Ren JWang ZLin CObaidat MXie HZhu HLiu CWang KTan G(2023)REORDER++: Enhanced Randomized Real-Time Scheduling Strategy Against Side-Channel AttacksIEEE Transactions on Network Science and Engineering10.1109/TNSE.2023.3254653(1-14)Online publication date: 2023
https://doi.org/10.1109/TNSE.2023.3254653
Bajic ABecker G(2021)Automated benchmark network diversification for realistic attack simulation with application to moving target defenseInternational Journal of Information Security10.1007/s10207-021-00552-921:2(253-278)Online publication date: 31-May-2021
https://doi.org/10.1007/s10207-021-00552-9

Index Terms

A critical view on moving target defense and its analogies
1. Security and privacy

Recommendations

Towards a Theory of Moving Target Defense
MTD '14: Proceedings of the First ACM Workshop on Moving Target Defense

The static nature of cyber systems gives attackers the advantage of time. Fortunately, a new approach, called the Moving Target Defense (MTD) has emerged as a potential solution to this problem. While promising, there is currently little research to ...
Moving Target Defense Against Injection Attacks
Algorithms and Architectures for Parallel Processing
Abstract
With the development of network technology, web services become more convenient and popular. However, web services are also facing serious security threats, especially SQL injection attack(SQLIA). Due to the diversity of attack techniques and the ...
Denial of service attacks, defences and research challenges

This paper presents a review of current denial of service (DoS) attack and defence concepts, from a theoretical ad practical point of view. Seriousness of DoS attacks is tangible and they present one of the most significant threats to assurance of ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CF '20: Proceedings of the 17th ACM International Conference on Computing Frontiers

May 2020

298 pages

ISBN:9781450379564

DOI:10.1145/3387902

General Chairs:
Maurizio Palesi
University of Catania, IT
,
Gianluca Palermo
Politecnico di Milano, IT
,
Program Chairs:
Cat Graves
Hewlett Packard Labs
,
Eishi Arima
ITC University of Tokyo, JP

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMICRO: ACM Special Interest Group on Microarchitectural Research and Processing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 23 May 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CF '20

Sponsor:

SIGMICRO

CF '20: Computing Frontiers Conference

May 11 - 13, 2020

Sicily, Catania, Italy

Acceptance Rates

Overall Acceptance Rate 273 of 785 submissions, 35%

Upcoming Conference

CF '25

Sponsor:
sigmicro

22nd ACM International Conference on Computing Frontiers

May 28 - 30, 2025

Cagliari , Italy

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
208
Total Downloads

Downloads (Last 12 months)15
Downloads (Last 6 weeks)1

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Ren JWang ZLin CObaidat MXie HZhu HLiu CWang KTan G(2023)REORDER++: Enhanced Randomized Real-Time Scheduling Strategy Against Side-Channel AttacksIEEE Transactions on Network Science and Engineering10.1109/TNSE.2023.3254653(1-14)Online publication date: 2023
https://doi.org/10.1109/TNSE.2023.3254653
Bajic ABecker G(2021)Automated benchmark network diversification for realistic attack simulation with application to moving target defenseInternational Journal of Information Security10.1007/s10207-021-00552-921:2(253-278)Online publication date: 31-May-2021
https://doi.org/10.1007/s10207-021-00552-9

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten