Simulation-based Approaches to Studying Effectiveness of Moving-Target Network Defense | NIST

Moving-target defense has been hypothesized as a potential game changer in cyber defense, including for computer networks. However, there has been little work to study how much proactively changing a network’s configuration can increase the difficulty for attackers and thus improve the resilience of the system under attack. In this paper we present a basic design schema of a moving-target network defense system. Based on this design schema, we conducted a simulation-based study to investigate the degree to which proactively changing a network’s various parameters can decrease an adversary’s chance for success. We believe this is an important first step towards understanding why and how the concept of a moving target can be successfully applied to computer network defenses.
