A Survey on the Moving Target Defense Strategies: An Architectural Perspective

As the complexity and scale of networks continue to grow, managing network operations and security defense has become a challenging task for network administrators, and many network devices are not updated in a timely manner, leaving the network vulnerable to potential attacks. Moreover, the static nature of our existing network infrastructure gives attackers enough time to study the network's static configuration and to launch well-crafted attacks at their convenience, while defenders have to work around the clock to defend the network. This asymmetry, in terms of the time and money invested, has given attackers a greater advantage than defenders and has made security defense even more challenging. It calls for new and innovative ideas to address the problem. Moving Target Defense (MTD) is one such idea: it applies diverse and dynamic configurations to network systems with the goal of obscuring the exact attack surface available to attackers. As a result, the state of a system protected by an MTD strategy is unpredictable to attackers, harder to exploit, and more resilient to various forms of attack. Existing survey papers cover various MTD techniques, but to the best of our knowledge, insufficient attention has been given to the architectural perspective of MTD strategies or to new technologies such as the Internet of Things (IoT). This paper presents a comprehensive survey of MTD and its implementation strategies from the perspective of the architecture of the complete network system, covering the motivation for MTD, an explanation of the main MTD concepts, ongoing MTD research and its implementation at each level of the network system, and the future research opportunities offered by new technologies such as Software-Defined Networking (SDN) and the Internet of Things (IoT).
