Zhi Chen,Xiaolin Chang,Jelena Misic,Vojislav B. Misic,Yang,Zhen Han

DOI: https://doi.org/10.1109/globecom42002.2020.9322609

2020-01-01

Abstract:Moving target defense (MTD), emerging as a game-changer in the cyber defense area, has got a lot of attention and development recently. As a proactive defense technique, MTD dynamically changes system attributes in order to create more uncertainties of the system and has been proved to be effective against cyber attacks. Beyond this, there is still a lack of researches with respect to the quantitative analysis of the effect of MTD on system performance. This paper aims to quantitatively investigate how MTD affects system performance while bringing security. We develop Markov process-based models for two different MTD strategies and derive the formulas for metrics of interest. We carry out simulation experiments to validate our proposed models with Mininet. Furthermore, numerical analysis is conducted for comparing these two different strategies in terms of system performance. The numerical results also show how different parameters affect the evaluation metrics. Our models can help defenders conFigure the MTD system in the most suitable way.

Xin-Li Xiong,Lin Yang,Guang-Sheng Zhao

DOI: https://doi.org/10.1109/access.2019.2891613

IF: 3.9

2019-01-01

IEEE Access

Abstract:Evaluation of moving target defense (MTD) effectiveness has become one of the fundamental problems in current studies. In this paper, an evaluation model of MTD effectiveness based on system attack surface (SAS) is proposed to extend this model covering enterprise-class topology and multi-layered moving target (MT) techniques. The model is focused on the problem of incorrect performance assessment caused by inaccurately characterizing the process of attacking and defending. Existing evaluation models often fail to describe MTD dynamically in a process. To deal with this static view, offensive and defensive process based on a player’s move is presented. Besides, it converts all the attack and defense actions into the process, and interactivities are evaluated by system view extended attack surface model. Previously, the proposed attack surface models are not concerned about the links between nodes and vulnerabilities affected by topologies. After comprehensively analyzing the impact of interactions in the system, a SAS model is proposed to demonstrate how resources of the system are affected by the actions of attackers and defenders, thus ensuring the correctness of parameters for SAS in measuring MT technology. Moreover, by generating a sequence of those shifting parameters, a nonhomogeneous hierarchical hidden Markov model is used to find the possible sequence of attacking states by introducing the partial Viterbi algorithm. Also, a sequence of attacking states is defined to illustrate how adversaries are handled by MT technologies and how much additional consumption costs are increased by the system resource reconfiguration. Finally, the simulation of the proposed approach is given in a case study to demonstrate the feasibility and validity of the proposed effectiveness evaluation model in a systematic and dynamic view.

computer science, information systems,telecommunications,engineering, electrical & electronic

Guo Yuanbo,Wang Chao,Ma Jianfeng

2007-01-01

Abstract:This paper focus on analytical models using extended Stochastic Petri net for evaluations of intrusion-tolerant schemes used in distributed systems, which can be used to quantitatively evaluate and select a most appropriate scheme for specific system configurations. With the description of the generalized stochastic Petri net (GSPN) models, the availabilities of the three kinds of systems. are analyzed and compared.

Gui-lin Cai,Bao-sheng Wang,Qian-qian Xing

DOI: https://doi.org/10.1631/fitee.1601797

2017-01-01

Abstract:Moving target defense (MTD) is a novel way to alter the asymmetric situation of attacks and defenses, and a lot of MTD studies have been carried out recently. However, relevant analysis for the defense mechanism of the MTD technology is still absent. In this paper, we analyze the defense mechanism of MTD technology in two dimensions. First, we present a new defense model named MP2R to describe the proactivity and effect of MTD technology intuitively. Second, we use the incomplete information dynamic game theory to verify the proactivity and effect of MTD technology. Specifically, we model the interaction between a defender who equips a server with different types of MTD techniques and a visitor who can be a user or an attacker, and analyze the equilibria and their conditions for these models. Then, we take an existing incomplete information dynamic game model for traditional defense and its equilibrium result as baseline for comparison, to validate the proactivity and effect of MTD technology. We also identify the factors that will influence the proactivity and effectiveness of the MTD approaches. This work gives theoretical support for understanding the defense process and defense mechanism of MTD technology and provides suggestions to improve the effectiveness of MTD approaches.

Gui-lin CAI,Bao-sheng WANG,Qian-qian XING

DOI: https://doi.org/10.1631/FITEE.1601797

IF: 2.526

2018-01-01

Frontiers of Information Technology & Electronic Engineering

Abstract:Moving target defense (MTD) is a novel way to alter the asymmetric situation of attacks and defenses, and a lot of MTD studies have been carried out recently. However, relevant analysis for the defense mechanism of the MTD technology is still absent. In this paper, we analyze the defense mechanism of MTD technology in two dimensions. First, we present a new defense model named MP2R to describe the proactivity and effect of MTD technology intuitively. Second, we use the incomplete information dynamic game theory to verify the proactivity and effect of MTD technology. Specifically, we model the interaction between a defender who equips a server with different types of MTD techniques and a visitor who can be a user or an attacker, and analyze the equilibria and their conditions for these models. Then, we take an existing incomplete information dynamic game model for traditional defense and its equilibrium result as baseline for comparison, to validate the proactivity and effect of MTD technology. We also identify the factors that will influence the proactivity and effectiveness of the MTD approaches. This work gives theoretical support for understanding the defense process and defense mechanism of MTD technology and provides suggestions to improve the effectiveness of MTD approaches.

Xin Yang,Hui Li,Han Wang

DOI: https://doi.org/10.1109/iscc.2018.8538520

2018-01-01

Abstract:Moving target defense (MTD) techniques are effective solutions to improve the network security by continuously reconfiguring the system setting. On the other hand, continuously transforming also increase the cost of defenders, so it is important to analyze the effectiveness of MTDs compared with their cost. Current researches lack of analyzing the effectiveness by mathematical theory compared with analyzing by experiment. Motivated by the above, we propose a novel three-dimension model named NPM jointly use N-version programming, Poisson process, Markov chain and martingale theory to analyze the effectiveness of the proposed MTD model. Our analysis points out the difficulty for a successful adversary to defeat the MTD system, which is related to the system configuration, such as the number of executors and the judgment criterion in every node, the transforming period and rang of system MTD transformation. Finally, we give advices on the design of the system in the daily defense and the attacked defense, with the goal of guaranteeing security with minimal cost.

Gui-lin Cai,Bao-sheng Wang,Wei Hu,Tian-zuo Wang

DOI: https://doi.org/10.1631/fitee.1601321

2016-11-01

Abstract:Moving target defense (MTD) has emerged as one of the game-changing themes to alter the asymmetric situation between attacks and defenses in cyber-security. Numerous related works involving several facets of MTD have been published. However, comprehensive analyses and research on MTD are still absent. In this paper, we present a survey on MTD technologies to scientifically and systematically introduce, categorize, and summarize the existing research works in this field. First, a new security model is introduced to describe the changes in the traditional defense paradigm and security model caused by the introduction of MTD. A function-and-movement model is provided to give a panoramic overview on different perspectives for understanding the existing MTD research works. Then a systematic interpretation of published literature is presented to describe the state of the art of the three main areas in the MTD field, namely, MTD theory, MTD strategy, and MTD evaluation. Specifically, in the area of MTD strategy, the common characteristics shared by the MTD strategies to improve system security and effectiveness are identified and extrapolated. Thereafter, the methods to implement these characteristics are concluded. Moreover, the MTD strategies are classified into three types according to their specific goals, and the necessary and sufficient conditions of each type to create effective MTD strategies are then summarized, which are typically one or more of the aforementioned characteristics. Finally, we provide a number of observations for the future direction in this field, which can be helpful for subsequent researchers.

engineering, electrical & electronic,computer science, information systems, software engineering

Xin YANG,Hui LI,Jiangxing WU,Peng YI

DOI: https://doi.org/10.1360/ssi-2019-0224

2020-01-01

Abstract:Cyber mimic defenses have recently emerged as a dynamic heterogeneity redundancy architecture, which adjust the asymmetry between defenders and attackers by reconfiguring the system according to the network scenario. Some studies have investigated the effectiveness of security models, however, there is still a lack of convincing and practical methods to assess CMD networks quantitatively. Thus, in this paper, we propose a two-dimension model that calculates those details as a digital result to compare different CMD networks. In addition, the proposed method demonstrates good scalability in different networks. Specifically, in the first dimension, i.e., attacking a single node, we elaborate on system configurations and employ the Generalized Stochastic Petri net model to capture the effectiveness of different behaviors from gamers. To quantify the impacts of those behaviors, we parameterized them using a Poisson process, common vulnerabilities and exposures, and the common vulnerability scoring system. In the second dimension, we adopt Markov chains and the Martingale theory to analyze the attack process along the attack chain. Finally, security metrics and countermeasures under different scenarios are presented to verify the effectiveness of CMD, which provides some guidance for designing future systems with acceptable cost.

Sailik Sengupta,Ankur Chowdhary,Abdulhakim Sabur,Adel Alshamrani,Dijiang Huang,Subbarao Kambhampati

DOI: https://doi.org/10.1109/comst.2020.2982955

2020-01-01

Abstract:Network defenses based on traditional tools, techniques, and procedures (TTP) fail to account for the attacker's inherent advantage present due to the static nature of network services and configurations. To take away this asymmetric advantage, Moving Target Defense (MTD) continuously shifts the configuration of the underlying system, in turn reducing the success rate of cyberattacks. In this survey, we analyze the recent advancements made in the development of MTDs and highlight (1) how these defenses can be defined using common terminology, (2) can be made more effective with the use of artificial intelligence techniques for decision making, (3) be implemented in practice and (4) evaluated. We first define an MTD using a simple and yet general notation that captures the key aspects of such defenses. We then categorize these defenses into different sub-classes depending on what they move, when they move and how they move. In trying to answer the latter question, we showcase the use of domain knowledge and game-theoretic modeling can help the defender come up with effective and efficient movement strategies. Second, to understand the practicality of these defense methods, we discuss how various MTDs have been implemented and find that networking technologies such as Software Defined Networking and Network Function Virtualization act as key enablers for implementing these dynamic defenses. We then briefly highlight MTD test-beds and case-studies to aid readers who want to examine or deploy existing MTD techniques. Third, our survey categorizes proposed MTDs based on the qualitative and quantitative metrics they utilize to evaluate their effectiveness in terms of security and performance. We use well-defined metrics such as risk analysis and performance costs for qualitative evaluation and metrics based on Confidentiality, Integrity, Availability (CIA), attack representation, QoS impact, and target-d threat models for quantitative evaluation. Finally, we show that our categorization of MTDs is effective in identifying novel research areas and highlight directions for future research.

computer science, information systems,telecommunications

Sailik Sengupta,Satya Gautam Vadlamudi,Subbarao Kambhampati,Marthony Taguinod,Adam Doupé,Ziming Zhao,Gail-Joon Ahn

DOI: https://doi.org/10.48550/arXiv.1602.07024

2016-02-23

Cryptography and Security

Abstract:The present complexity in designing web applications makes software security a difficult goal to achieve. An attacker can explore a deployed service on the web and attack at his/her own leisure. Moving Target Defense (MTD) in web applications is an effective mechanism to nullify this advantage of their reconnaissance but the framework demands a good switching strategy when switching between multiple configurations for its web-stack. To address this issue, we propose modeling of a real-world MTD web application as a repeated Bayesian game. We then formulate an optimization problem that generates an effective switching strategy while considering the cost of switching between different web-stack configurations. To incorporate this model into a developed MTD system, we develop an automated system for generating attack sets of Common Vulnerabilities and Exposures (CVEs) for input attacker types with predefined capabilities. Our framework obtains realistic reward values for the players (defenders and attackers) in this game by using security domain expertise on CVEs obtained from the National Vulnerability Database (NVD). We also address the issue of prioritizing vulnerabilities that when fixed, improves the security of the MTD system. Lastly, we demonstrate the robustness of our proposed model by evaluating its performance when there is uncertainty about input attacker information.

FU Xiao-wei,LI Jin-liang,GAO Xiao-guang

DOI: https://doi.org/10.3969/j.issn.1000-1093.2013.07.017

2013-01-01

Abstract:The effect of connectivity between air defense units on the kill probability of penetration target is researched from the aspects of communication command and control structure and firepower collaboration.An air defense unit is used as a threat unit to create a threat netting model.A interconnectivity model for the threat units,the reliability of information routing in the network and the connectivity between the threat units.An information fusion model is established for target designation probability and radar detection probability.Based on the joint detection probability of multiple threat units which infers from the principle of radar networking using the networking fire control technology for multiple intercepting and coordinate attack on the penetration target,an final threat netting model is established.Finally,the simulating result in the C+ +6.0 environment proves the validity of the threat netting model.

Huan Zhang,Kangfeng Zheng,Xiujuan Wang,Shoushan Luo,Bin Wu

DOI: https://doi.org/10.1109/access.2019.2918319

IF: 3.9

2019-01-01

IEEE Access

Abstract:In a real network environment, multiple types of attacks can occur. The more important the service or network, the more attacks it may suffer simultaneously. Moving target defense (MTD) technology is a revolutionary game-changing cyberspace technology that has found various applications in recent years. However, the existing strategies are targeted at defending against specific types of attacks and do not meet the security requirements for multiple attacks. Therefore, we propose a joint defense strategy based on the MTD that can select one or multiple mutant elements to defend against different types of attacks. In addition, we use the analytic hierarchy process (AHP) to quantify the factors affecting the attack and defense costs. After comprehensively analyzing the effects of the different MTD technologies against different attacks, we propose an efficient strategy selection algorithm based on joint defense. Finally, we conduct experiments to evaluate the selection of a joint defense strategy under multiple attacks. The experimental results demonstrate the feasibility and effectiveness of the proposed joint defense strategy selection approach.

Xiang Gao,Cong Lu,Jun Tang,Linjun Fan,Yunxiang Ling,Yong Li

DOI: https://doi.org/10.1109/iccsn.2016.7586592

2016-01-01

Abstract:In view of the characteristics of multiple elements and complex process of air defense and antimissile, this paper firstly analyzes the processes of missile warning and interception in details. Then, based on the object-oriented Petri net, the new modeling method of evaluating information advantages and combat effectiveness of air defense and antimissile system is proposed, which analyzes the key nodes and information flow involved in the system. Also, the object-oriented Petri net model of air defense and antimissile is established from bottom to up with command control, conflict resolution and other mechanisms. Lastly, the simulation experiments verify the feasibility and applicability of the method for studying the information advantage and combat effectiveness of air defense and antimissile through simple cases.

Zhi Chen,Xiaolin Chang,Zhen Han,Yang

DOI: https://doi.org/10.1109/access.2020.2965090

IF: 3.9

2020-01-01

IEEE Access

Abstract:Moving target defense (MTD) has recently emerged as a game-changer in the confrontation between cyberattack and defense. MTD mechanism constantly and randomly changes the system configurations to create uncertainty of the attack surface against cyber-adversaries. To date, researches on the evaluation of MTD techniques either focused on analyzing the effectiveness of MTD or studying the system performance loss due to the use of MTD. The impact on job/service running on the protected system is always ignored. In this paper, we propose an SRN (Stochastic reward net) based analytical modeling approach to investigate how MTD techniques influence the job running on protected system from the perspective of job finish time. The SRN model developed in this paper captures the behaviors of both the adversary and the job execution process. Furthermore, we carry out numerical analysis to study the impact of different system parameters on job finish time and other evaluation metrics. The results in this paper can help defenders choose a better MTD configuration to complete the job execution as soon as possible.

Zhihua Zhang,Lu Liu,Chunying Zhang,Jing Ren,Jiang Ma,Liya Wang,Bin Liu

DOI: https://doi.org/10.3390/electronics13040734

IF: 2.9

2024-02-12

Electronics

Abstract:Aiming at the fact that the moving target defense game model fails to accurately portray attack and defense gains, resulting in bias in attack and defense games and the inability to select effective defense strategies, we construct the moving target three-way evolutionary game defense model (MTTEGDM). Firstly, the model is defined and analyzed theoretically under the premise of uncertainty and irrationality. Then, combined with the three-way decisions, the attack intention is introduced into the target network loss calculation, and a dynamic weight adjustment algorithm based on the three-way decisions is proposed to accurately characterize the attack and defense gains from a multi-attribute perspective. Finally, the evolutionary game model is used to analyze the evolution trend of the multi-stage defense strategy, so as to carry out feasible and effective defense behavior. The simulation results show that the model can accurately predict the optimal defense strategy of moving targets in different stages. Through a Monte Carlo simulation experiment, the proposed algorithm is compared with the traditional evolutionary game model, and the effectiveness and security of the proposed algorithm are verified.

engineering, electrical & electronic,computer science, information systems,physics, applied

Yuanzhuo Wang,Jingyuan Li,Kun Meng,Chuang Lin,Xueqi Cheng

DOI: https://doi.org/10.1002/sec.535

IF: 1.968

2012-04-17

Security and Communication Networks

Abstract:In this paper, we propose a novel modeling method attack–defense stochastic game Petri nets (or ADSGN) to model and analyze the security issues in enterprise network. We firstly give the definition and modeling method algorithm of ADSGN and then propose the algorithm of the strategy. The proposed ADSGN method is successfully applied to describe the attack and defense courses in the enterprise network. Finally, we analyze the mean time to first security breach and the mean time to security breach in the enterprise network quantifiably, and proved that our method can also be applied to other areas with respect to game issues. Copyright © 2012 John Wiley & Sons, Ltd. According to the characteristics of the network attack and defense actions, we extend the previous work by proposing attack‐defense stochastic game Petri nets (or ADSGNs), which can be used to model and analyze the competitive game issues by using classical methods from stochastic Petri nets. ADSGN are suitable to investigate the complex and dynamic game‐related issues in network attack. In this paper, we use ADSGN to model and analyze the enterprise network attacks, compute the Nash equilibrium to deduce the best‐response strategies to defend the attacks. We believe that ADSGN can open a new avenue to handle the game‐related issues in network security.

computer science, information systems,telecommunications

Zenan Wu,Liqin Tian,Yi Zhang,Yan Wang,Yuquan Du

DOI: https://doi.org/10.1155/2021/4005877

IF: 1.968

2021-11-13

Security and Communication Networks

Abstract:At present, most network security analysis theory assumes that the players are completely rational. However, this is not consistent with the actual situation. In this paper, based on the effectiveness constraints on both sides with network attack and defense, with the help of stochastic Petri net and evolutionary game theory, the Petri net model of network attack and defense stochastic evolutionary game is reconstructed, the specific definition of the model is given, and the modeling method is given through the network connection relationship and attack and defense strategy set. Using this model, a quantitative analysis of network attack events is carried out to solve a series of indicators related to system security, namely, attack success rate, average attack time, and average system repair time. Finally, the proposed model and analysis method are applied to a classic network attack and defense process for experimental analysis, and the results verify the rationality and accuracy of the model and analysis method.

computer science, information systems,telecommunications

Cai Guilin,Wang Baosheng,Wang Tianzuo,Luo Yuebin,Wang Xiaofeng,Cui XinWu

DOI: https://doi.org/10.7544/issn1000-1239.2016.20150225

2016-01-01

Journal of Computer Research and Development

Abstract:Nowadays ,network configurations are typically deterministic ,static ,and homogeneous . These features reduce the difficulties for cyber attackers scanning the network to identify specific targets and gather essential information ,which gives the attackers asymmetric advantages of building up ,launching and spreading attacks .Thus the defenders are always at a passive position ,and the existing defense mechanisms and approaches cannot reverse this situation . Moving target defense (M TD) is proposed as a new revolutionary technology to alter the asymmetric situation of attacks and defenses .It keeps moving the attack surface of the protected target through dynamic shifting ,which can be controlled and managed by the administrator . In this way , the attack surface exposed to attackers appears chaotic and changes over time . Therefore , the work effort ,i .e ., the cost and complexity ,for the attackers to launch a successful attack ,will be greatly increased .As a result ,the probability of successful attacks will be decreased ,and the resiliency and security of the protected target will be enhanced effectively .In this paper ,we firstly introduce the basic concepts of M TD ,and classify the related works into categories according to their research field .Then ,under each category , we give a detailed description on the existing work ,and analyze and summarize them separately . Finally ,we present our understandings on M TD ,and summarize the current research status ,and further discuss the development trends in this field .

Jian-dong ZHANG,Xiao-guang GAO,Yong WU,Yan ZHU

DOI: https://doi.org/10.3969/j.issn.1002-0640.2005.05.008

2005-01-01

Abstract:With the development of computer science and information technology,Generalized Stochastic Petri Net(GSPN),as a graphical modeling tool,has been widely used in the process of system design,for it can not only conduct formal specification and rapid prototyping,but also verify correctness and evaluate performance of distributed system due to the solid mathematics basis.The paper discusses the structural analysis techniques,reachability set analysis techniques and numerical solution,on the basis of which representative examples are given in detail.Finally,a diverse variety of application fields are discussed,ranging from communication protocols to flexible manufacturing.

Rui Zhuang,Scott A. DeLoach,Xinming Ou

DOI: https://doi.org/10.1145/2663474.2663479

2014-01-01

Abstract:The static nature of cyber systems gives attackers the advantage of time. Fortunately, a new approach, called the Moving Target Defense (MTD) has emerged as a potential solution to this problem. While promising, there is currently little research to show that MTD systems can work effectively in real systems. In fact, there is no standard definition of what an MTD is, what is meant by attack surface, or metrics to define the effectiveness of such systems. In this paper, we propose an initial theory that will begin to answer some of those questions. The paper defines the key concepts required to formally talk about MTD systems and their basic properties. It also discusses three essential problems of MTD systems, which include the MTD Problem (or how to select the next system configuration), the Adaptation Selection Problem, and the Timing Problem. We then formalize the MTD Entropy Hypothesis, which states that the greater the entropy of the system's configuration, the more effective the MTD system.