The evaluation of performance cost for network based moving target defense

Network based moving target defense prevents attackers from reliably contacting a system by re-configuring network factors. Although limited research has demonstrated it to be practical and feasible, few studies have evaluated the performance cost it adds to the original system. Without quantitative results, it is challenging to deploy moving target techniques broadly in typical information systems. This paper introduces a Queueing Petri Net model that provides insight into the performance of network re-configurations. The model quantifies system throughput, queue utilization and request response time with respect to the configuration of the information system, the type of mutation strategy and the frequency of network transformation. Through logical deductions and simulations using the Queueing Petri net Modelling Environment, results show that the network shifting method is an affordable defense technology compared with the performance loss in the processing of servers. Moreover, event-based strategies can achieve a trade-off between security and performance. These results guide further research into developing more optimized methods in moving target defense.
