Moving Target Network Defense Effectiveness Evaluation Based on Change-Point Detection

To evaluate the effectiveness of moving target network defense, a dynamic effectiveness evaluation approach based on change-point detection is presented. First, the concept of a multilayer network resource graph is defined; it relates changes in resource vulnerability to transitions of network node state. Second, a change-point detection and standardized measurement algorithm is proposed: measuring change points dynamically improves the efficiency of evaluation, and grounding the measurement in the multilayer network resource graph improves its accuracy. Moreover, to evaluate defense effectiveness comprehensively, defense cost and defense benefit are both used as evaluation indicators. Finally, experimental analysis of two representative defenses, MT6D and DNAT, demonstrates the feasibility of the proposed evaluation method and the accuracy of its results.
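The abstract does not reproduce the paper's algorithm, so the following is an added illustration rather than the authors' code: a generic two-sided CUSUM change-point detector run over one standardized effectiveness metric (the fraction of attacker probes per epoch that reach a live host), followed by a cost/benefit split of the kind the abstract describes. The probe counts, the CUSUM parameters (baseline window, drift, threshold) and the per-epoch shuffling cost are constructed assumptions; the multilayer network resource graph and the paper's own measurement are not modelled.

```python
"""Added example: CUSUM change-point detection over a standardized
attacker-success metric, with a toy cost/benefit evaluation.
Not the paper's algorithm; all data and parameters are constructed."""
from typing import Dict, List, Optional

# Constructed data: 20 epochs of 100 attacker probes each. Epochs 0-9 use
# static addressing; from epoch 10 an MT6D-style address rotation is active.
PROBES: List[int] = [100] * 20
RESPONSES: List[int] = [90, 88, 93, 91, 87, 92, 89, 90, 91, 88,   # static
                        20, 12, 15, 18, 10, 14, 16, 13, 17, 12]   # rotating


def standardize(responses: List[int], probes: List[int]) -> List[float]:
    """Normalize raw per-epoch counts to a [0, 1] hit rate: the fraction of
    probes that reached a live, correctly addressed host."""
    if len(responses) != len(probes):
        raise ValueError("responses and probes must align per epoch")
    return [r / p if p else 0.0 for r, p in zip(responses, probes)]


def cusum_change_point(series: List[float], baseline_len: int = 5,
                       drift: float = 0.05, threshold: float = 0.5) -> Optional[int]:
    """Two-sided CUSUM (Page's test). The first `baseline_len` samples estimate
    the pre-change mean; `drift` is the per-sample slack that suppresses noise
    and `threshold` the alarm level. Returns the index of the first sample at
    which either cumulative sum exceeds the threshold, or None if the series is
    stationary. A change inside the baseline window is not detectable."""
    if len(series) <= baseline_len:
        return None
    mu0 = sum(series[:baseline_len]) / baseline_len
    s_up = s_down = 0.0
    for i, x in enumerate(series):
        s_up = max(0.0, s_up + (x - mu0) - drift)      # metric shifted upward
        s_down = max(0.0, s_down + (mu0 - x) - drift)  # metric shifted downward
        if s_up > threshold or s_down > threshold:
            return i
    return None


def evaluate(hit_rate: List[float], change_point: Optional[int],
             shuffle_cost_per_epoch: float) -> Optional[Dict[str, float]]:
    """Benefit = drop in mean attacker hit rate after the detected change point.
    Cost = shuffling cost accumulated over the post-change epochs (a constructed
    stand-in for the paper's defense-cost indicator). Net = benefit - cost."""
    if change_point is None or change_point == 0 or change_point >= len(hit_rate):
        return None
    before = hit_rate[:change_point]
    after = hit_rate[change_point:]
    benefit = sum(before) / len(before) - sum(after) / len(after)
    cost = shuffle_cost_per_epoch * len(after)
    return {"change_point": change_point, "benefit": benefit,
            "cost": cost, "net": benefit - cost}


def run_example() -> Optional[Dict[str, float]]:
    rate = standardize(RESPONSES, PROBES)
    cp = cusum_change_point(rate)
    return evaluate(rate, cp, shuffle_cost_per_epoch=0.02)


if __name__ == "__main__":
    print(run_example())
```

With the constructed series the detector fires at epoch 10, the epoch the rotation was switched on, and the benefit (about 0.75 drop in hit rate) is weighed against ten epochs of shuffling cost. In practice the drift and threshold must be tuned to the noise of the chosen metric: too small a threshold raises false alarms on ordinary traffic variation, too large one delays detection of the defense taking effect.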

[1] Sushil Jajodia et al. Protecting Enterprise Networks through Attack Surface Expansion. SafeConfig '14, 2014.

[2] Scott A. DeLoach et al. A model for analyzing the effect of moving target defenses on enterprise networks. CISR '14, 2014.

[3] Eric Michael Hutchins et al. Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains. 2010.

[4] Jin B. Hong et al. Performance Analysis of Scalable Attack Representation Models. SEC, 2013.

[5] Somesh Jha et al. Automated generation and analysis of attack graphs. Proceedings of the 2002 IEEE Symposium on Security and Privacy, 2002.

[6] Joseph G. Tront et al. MT6D: A Moving Target IPv6 Defense. MILCOM 2011 Military Communications Conference, 2011.

[7] Minghui Zhu et al. Comparing Different Moving Target Defense Techniques. MTD '14, 2014.

[8] Per Larsen et al. Security through Diversity: Are We There Yet? IEEE Security & Privacy, 2014.

[9] Scott A. DeLoach et al. Simulation-based Approaches to Studying Effectiveness of Moving-Target Network Defense. NIST, 2012.

[10] Thomas E. Carroll et al. Analysis of network address shuffling as a moving target defense. 2014 IEEE International Conference on Communications (ICC), 2014.

[11] Sushil Jajodia et al. Minimum-cost network hardening using attack graphs. Computer Communications, 2006.

[12] Karen Scarfone et al. Common Vulnerability Scoring System. IEEE Security & Privacy, 2006.

[13] Craig A. Shue et al. Characterizing Network-Based Moving Target Defenses. MTD@CCS, 2015.

[14] Curtis R. Taylor et al. On building inexpensive network capabilities. CCRV, 2012.

[15] Anh Nguyen-Tuong et al. Effectiveness of Moving Target Defenses. Moving Target Defense, 2011.

[16] Joshua Taylor et al. A Quantitative Framework for Moving Target Defense Effectiveness Evaluation. MTD@CCS, 2015.

[17] Xiang Yu et al. Applying Self-Shielding Dynamics to the Network Architecture. Moving Target Defense, 2013.

[18] Sushil Jajodia et al. Modeling Network Diversity for Evaluating the Robustness of Networks against Zero-Day Attacks. ESORICS, 2014.

[19] Duminda Wijesekera et al. Scalable, graph-based network vulnerability analysis. CCS '02, 2002.