Numerical Evaluation of Job Finish Time Under MTD Environment

Moving target defense (MTD) has recently emerged as a game-changer in the confrontation between cyberattack and defense. MTD mechanism constantly and randomly changes the system configurations to create uncertainty of the attack surface against cyber-adversaries. To date, researches on the evaluation of MTD techniques either focused on analyzing the effectiveness of MTD or studying the system performance loss due to the use of MTD. The impact on job/service running on the protected system is always ignored. In this paper, we propose an SRN (Stochastic reward net) based analytical modeling approach to investigate how MTD techniques influence the job running on protected system from the perspective of job finish time. The SRN model developed in this paper captures the behaviors of both the adversary and the job execution process. Furthermore, we carry out numerical analysis to study the impact of different system parameters on job finish time and other evaluation metrics. The results in this paper can help defenders choose a better MTD configuration to complete the job execution as soon as possible.

[1]  Kishor S. Trivedi,et al.  A Decomposition Approach for Stochastic Reward Net Models , 1993, Perform. Evaluation.

[2]  Sailik Sengupta,et al.  Markov Game Modeling of Moving Target Defense for Strategic Detection of Threats in Cloud Networks , 2018, ArXiv.

[3]  Charles V. Wright,et al.  Quantitative evaluation of moving target technology , 2015, 2015 IEEE International Symposium on Technologies for Homeland Security (HST).

[4]  Daniel A. Menascé,et al.  Performance Modeling of Moving Target Defenses , 2017, MTD@CCS.

[5]  Tuan Anh Nguyen,et al.  A stochastic reward net-based assessment of reliability, availability and operational cost for a software-defined network infrastructure , 2018, The Journal of Supercomputing.

[6]  Jingde Cheng,et al.  Adaptive Evaluation of Virtual Machine Placement and Migration Scheduling Algorithms Using Stochastic Petri Nets , 2019, IEEE Access.

[7]  Daniel A. Menascé,et al.  Performance Modeling of Moving Target Defenses with Reconfiguration Limits , 2021, IEEE Transactions on Dependable and Secure Computing.

[8]  Wei Hu,et al.  Moving target defense: state of the art and characteristics , 2016, Frontiers of Information Technology & Electronic Engineering.

[9]  Akbar Siami Namin,et al.  The Impact of Address Changes and Host Diversity on the Effectiveness of Moving Target Defense Strategy , 2016, 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC).

[10]  Dong Seong Kim,et al.  Software Defined Stochastic Model for Moving Target Defense , 2016, AECIA.

[11]  G. V. Kulkarni,et al.  The Completion Time of a Job on Multi-Mode Systems , 1985 .

[12]  Kevin M. Carter,et al.  A Game Theoretic Approach to Strategy Determination for Dynamic Platform Defenses , 2014, MTD '14.

[13]  Quanyan Zhu,et al.  Game Theory Meets Network Security: A Tutorial , 2018, CCS.

[14]  Shouhuai Xu,et al.  Characterizing the power of moving target defense via cyber epidemic dynamics , 2014, HotSoS '14.

[15]  Kishor S. Trivedi,et al.  SPNP: stochastic Petri net package , 1989, Proceedings of the Third International Workshop on Petri Nets and Performance Models, PNPM89.

[16]  Scott A. DeLoach,et al.  Simulation-based Approaches to Studying Effectiveness of Moving-Target Network Defense | NIST , 2012 .

[17]  Scott A. DeLoach,et al.  Towards a Theory of Moving Target Defense , 2014, MTD '14.

[18]  Anh Nguyen-Tuong,et al.  Effectiveness of Moving Target Defenses , 2011, Moving Target Defense.

[19]  Kishor S. Trivedi,et al.  Automated Generation and Analysis of Markov Reward Models Using Stochastic Reward Nets , 1993 .

[20]  Wei Hu,et al.  A Model for Evaluating and Comparing Moving Target Defense Techniques Based on Generalized Stochastic Petri Net , 2016, ACA.

[21]  Rui Zhuang,et al.  A theory for understanding and quantifying moving target defense , 2015 .

[22]  Scott A. DeLoach,et al.  A Theory of Cyber Attacks: A Step Towards Analyzing MTD Systems , 2015, MTD@CCS.

[23]  Shuo Zhao,et al.  Security Analysis of Dynamic SDN Architectures Based on Game Theory , 2018, Secur. Commun. Networks.

[24]  Lu Liu,et al.  Incomplete information Markov game theoretic approach to strategy generation for moving target defense , 2018, Comput. Commun..

[25]  Marco Vieira,et al.  Towards Models for Availability and Security Evaluation of Cloud Computing with Moving Target Defense , 2019, ArXiv.

[26]  Kevin M. Carter,et al.  Quantitative Evaluation of Dynamic Platform Techniques as a Defensive Mechanism , 2014, RAID.

[27]  Brian P. Van Leeuwen,et al.  MTD assessment framework with cyber attack modeling , 2016, 2016 IEEE International Carnahan Conference on Security Technology (ICCST).

[28]  Reza Entezari-Maleki,et al.  Unified power and performance analysis of cloud computing infrastructure using stochastic reward nets , 2019, Comput. Commun..

[29]  Scott A. DeLoach,et al.  A model for analyzing the effect of moving target defenses on enterprise networks , 2014, CISR '14.

[30]  Ricardo J. Rodríguez,et al.  Survivability Model for Security and Dependability Analysis of a Vulnerable Critical System , 2018, 2018 27th International Conference on Computer Communication and Networks (ICCCN).