论文信息 - Parameterizing Moving Target Defenses

Parameterizing Moving Target Defenses

Moving Target Defense (MTD) is the concept of controlling change across multiple system dimensions, aiming to disrupt the adversary in the attack sequence for intrusion prevention. To date, there is a lack of progress in MTD modeling and evaluation to test the effectiveness of MTD techniques. In this paper we develop two analytical models based on closed-form solutions and Stochastic Petri Nets to analyze the effect of a dynamic platform technique based MTD on attack success rate. The numerical results from these two models agree with one another, providing cross validation. Furthermore, the output of these models indicates the existence of parameter settings that decrease the security of the protected resource and settings that make MTD most effective in terms of minimizing the attack success probability.

[1] Michael B. Crouse,et al. Probabilistic Performance Analysis of Moving Target and Deception Reconnaissance Defenses , 2015, MTD@CCS.

[2] Joshua Taylor,et al. A Quantitative Framework for Moving Target Defense Effectiveness Evaluation , 2015, MTD@CCS.

[3] Kevin M. Carter,et al. Quantitative Evaluation of Dynamic Platform Techniques as a Defensive Mechanism , 2014, RAID.

[4] Minghui Zhu,et al. Comparing Different Moving Target Defense Techniques , 2014, MTD '14.

[5] Kishor S. Trivedi,et al. SPNP: stochastic Petri net package , 1989, Proceedings of the Third International Workshop on Petri Nets and Performance Models, PNPM89.

[6] Anh Nguyen-Tuong,et al. Effectiveness of Moving Target Defenses , 2011, Moving Target Defense.

[7] Scott A. DeLoach,et al. A model for analyzing the effect of moving target defenses on enterprise networks , 2014, CISR '14.

[8] Jin B. Hong,et al. Assessing the Effectiveness of Moving Target Defenses Using Security Models , 2016, IEEE Transactions on Dependable and Secure Computing.

[9] William W. Streilein,et al. Survey of Cyber Moving Target Techniques , 2013 .

[10] M. Patrick Collins. A Cost-Based Mechanism for Evaluating the Effectiveness of Moving Target Defenses , 2012, GameSec.

[11] Kishor S. Trivedi,et al. Performance and Reliability Analysis of Computer Systems , 1996, Springer US.