Zhi Chen,Xiaolin Chang,Jelena Misic,Vojislav B. Misic,Yang,Zhen Han

DOI: https://doi.org/10.1109/globecom42002.2020.9322609

2020-01-01

Abstract:Moving target defense (MTD), emerging as a game-changer in the cyber defense area, has got a lot of attention and development recently. As a proactive defense technique, MTD dynamically changes system attributes in order to create more uncertainties of the system and has been proved to be effective against cyber attacks. Beyond this, there is still a lack of researches with respect to the quantitative analysis of the effect of MTD on system performance. This paper aims to quantitatively investigate how MTD affects system performance while bringing security. We develop Markov process-based models for two different MTD strategies and derive the formulas for metrics of interest. We carry out simulation experiments to validate our proposed models with Mininet. Furthermore, numerical analysis is conducted for comparing these two different strategies in terms of system performance. The numerical results also show how different parameters affect the evaluation metrics. Our models can help defenders conFigure the MTD system in the most suitable way.

Gui-lin CAI,Bao-sheng WANG,Qian-qian XING

DOI: https://doi.org/10.1631/FITEE.1601797

IF: 2.526

2018-01-01

Frontiers of Information Technology & Electronic Engineering

Abstract:Moving target defense (MTD) is a novel way to alter the asymmetric situation of attacks and defenses, and a lot of MTD studies have been carried out recently. However, relevant analysis for the defense mechanism of the MTD technology is still absent. In this paper, we analyze the defense mechanism of MTD technology in two dimensions. First, we present a new defense model named MP2R to describe the proactivity and effect of MTD technology intuitively. Second, we use the incomplete information dynamic game theory to verify the proactivity and effect of MTD technology. Specifically, we model the interaction between a defender who equips a server with different types of MTD techniques and a visitor who can be a user or an attacker, and analyze the equilibria and their conditions for these models. Then, we take an existing incomplete information dynamic game model for traditional defense and its equilibrium result as baseline for comparison, to validate the proactivity and effect of MTD technology. We also identify the factors that will influence the proactivity and effectiveness of the MTD approaches. This work gives theoretical support for understanding the defense process and defense mechanism of MTD technology and provides suggestions to improve the effectiveness of MTD approaches.

Gui-lin Cai,Bao-sheng Wang,Qian-qian Xing

DOI: https://doi.org/10.1631/fitee.1601797

2017-01-01

Abstract:Moving target defense (MTD) is a novel way to alter the asymmetric situation of attacks and defenses, and a lot of MTD studies have been carried out recently. However, relevant analysis for the defense mechanism of the MTD technology is still absent. In this paper, we analyze the defense mechanism of MTD technology in two dimensions. First, we present a new defense model named MP2R to describe the proactivity and effect of MTD technology intuitively. Second, we use the incomplete information dynamic game theory to verify the proactivity and effect of MTD technology. Specifically, we model the interaction between a defender who equips a server with different types of MTD techniques and a visitor who can be a user or an attacker, and analyze the equilibria and their conditions for these models. Then, we take an existing incomplete information dynamic game model for traditional defense and its equilibrium result as baseline for comparison, to validate the proactivity and effect of MTD technology. We also identify the factors that will influence the proactivity and effectiveness of the MTD approaches. This work gives theoretical support for understanding the defense process and defense mechanism of MTD technology and provides suggestions to improve the effectiveness of MTD approaches.

Yaguan Qian,Yankai Guo,Qiqi Shao,Jiamin Wang,Bin Wang,Zhaoquan Gu,Xiang Ling,Chunming Wu

DOI: https://doi.org/10.1145/3517806

2021-01-01

Abstract:Edge intelligence has played an important role in constructing smart cities, but the vulnerability of edge nodes to adversarial attacks becomes an urgent problem. A so-called adversarial example can fool a deep learning model on an edge node for misclassification. Due to the transferability property of adversarial examples, an adversary can easily fool a black-box model by a local substitute model. Edge nodes in general have limited resources, which cannot afford a complicated defense mechanism like that on a cloud data center. To address the challenge, we propose a dynamic defense mechanism, namely EI-MTD. The mechanism first obtains robust member models of small size through differential knowledge distillation from a complicated teacher model on a cloud data center. Then, a dynamic scheduling policy, which builds on a Bayesian Stackelberg game, is applied to the choice of a target model for service. This dynamic defense mechanism can prohibit the adversary from selecting an optimal substitute model for black-box attacks. We also conduct extensive experiments to evaluate the proposed mechanism, and results show that EI-MTD could protect edge intelligence effectively against adversarial attacks in black-box settings.

Xin-Li Xiong,Lin Yang,Guang-Sheng Zhao

DOI: https://doi.org/10.1109/access.2019.2891613

IF: 3.9

2019-01-01

IEEE Access

Abstract:Evaluation of moving target defense (MTD) effectiveness has become one of the fundamental problems in current studies. In this paper, an evaluation model of MTD effectiveness based on system attack surface (SAS) is proposed to extend this model covering enterprise-class topology and multi-layered moving target (MT) techniques. The model is focused on the problem of incorrect performance assessment caused by inaccurately characterizing the process of attacking and defending. Existing evaluation models often fail to describe MTD dynamically in a process. To deal with this static view, offensive and defensive process based on a player’s move is presented. Besides, it converts all the attack and defense actions into the process, and interactivities are evaluated by system view extended attack surface model. Previously, the proposed attack surface models are not concerned about the links between nodes and vulnerabilities affected by topologies. After comprehensively analyzing the impact of interactions in the system, a SAS model is proposed to demonstrate how resources of the system are affected by the actions of attackers and defenders, thus ensuring the correctness of parameters for SAS in measuring MT technology. Moreover, by generating a sequence of those shifting parameters, a nonhomogeneous hierarchical hidden Markov model is used to find the possible sequence of attacking states by introducing the partial Viterbi algorithm. Also, a sequence of attacking states is defined to illustrate how adversaries are handled by MT technologies and how much additional consumption costs are increased by the system resource reconfiguration. Finally, the simulation of the proposed approach is given in a case study to demonstrate the feasibility and validity of the proposed effectiveness evaluation model in a systematic and dynamic view.

computer science, information systems,telecommunications,engineering, electrical & electronic

Megha Bose,Praveen Paruchuri,Akshat Kumar

2024-08-16

Abstract:Moving Target Defense (MTD) has emerged as a proactive and dynamic framework to counteract evolving cyber threats. Traditional MTD approaches often rely on assumptions about the attackers knowledge and behavior. However, real-world scenarios are inherently more complex, with adaptive attackers and limited prior knowledge of their payoffs and intentions. This paper introduces a novel approach to MTD using a Markov Decision Process (MDP) model that does not rely on predefined attacker payoffs. Our framework integrates the attackers real-time responses into the defenders MDP using a dynamic Bayesian Network. By employing a factored MDP model, we provide a comprehensive and realistic system representation. We also incorporate incremental updates to an attack response predictor as new data emerges. This ensures an adaptive and robust defense mechanism. Additionally, we consider the costs of switching configurations in MTD, integrating them into the reward structure to balance execution and defense costs. We first highlight the challenges of the problem through a theoretical negative result on regret. However, empirical evaluations demonstrate the frameworks effectiveness in scenarios marked by high uncertainty and dynamically changing attack landscapes.

Cryptography and Security,Artificial Intelligence,Machine Learning

Rui Zhuang,Scott A. DeLoach,Xinming Ou

DOI: https://doi.org/10.1145/2663474.2663479

2014-01-01

Abstract:The static nature of cyber systems gives attackers the advantage of time. Fortunately, a new approach, called the Moving Target Defense (MTD) has emerged as a potential solution to this problem. While promising, there is currently little research to show that MTD systems can work effectively in real systems. In fact, there is no standard definition of what an MTD is, what is meant by attack surface, or metrics to define the effectiveness of such systems. In this paper, we propose an initial theory that will begin to answer some of those questions. The paper defines the key concepts required to formally talk about MTD systems and their basic properties. It also discusses three essential problems of MTD systems, which include the MTD Problem (or how to select the next system configuration), the Adaptation Selection Problem, and the Timing Problem. We then formalize the MTD Entropy Hypothesis, which states that the greater the entropy of the system's configuration, the more effective the MTD system.

Guilin Cai,Baosheng Wang,Yue-Bin Luo,Wei Hu

DOI: https://doi.org/10.1007/978-981-10-2209-8_16

2016-01-01

Abstract:Moving Target Defense has been proposed as a way to alter the asymmetric situation of attacks and defenses, and there has been given a great number of related works. Currently, the performance evaluation of these works has largely been empirical, but lacks the application of theoretical models. Further, the evaluation is usually for a specific approach or a category of MTD approaches, and few work has been taken to compare different MTD techniques. In this paper, we consider a Web server as a deployment scenario for the three typical kinds of MTD techniques, and develop a generalized abstract performance evaluation and comparison model for existing MTDs through using generalized stochastic Petri Net (GSPN). We also take a case study to describe the usage of the model. The model enables us to analyze and understand the benefits and costs of an MTD approach, and can be viewed as an attempt to fill the gap of MTD comparison.

Runkai Yang,Xiaolin Chang,Jelena Misic,Vojislav B. Misic,Zhi Chen,Bo Liu

DOI: https://doi.org/10.1109/globecom38437.2019.9013921

2019-01-01

Abstract:Moving Target Defense (MTD) technology protects a target system by complicating the attacking process of adversaries. It has been gaining more and more attention with the massive growth of vulnerabilities and the widespread deployment of critical network services. This paper aims to analyze service Mean Time To Failure (MTTF) in a vulnerable network system which suffers attacks from adversaries. The system consists of multiple Physical Machines (PM) and each PM can support Docker Containers (DC) to run service. It applies Dynamic Platform Protection Technique (DPT), a kind of MTD techniques, to reduce the impact of attacks on service. A DC can be live migrated among these PMs in order to provision continuous service to users. We propose a model which captures the service behaviors during the service execution in the system. Our model allows both service residency/execution time at a PM and service migration time to be generally distributed. We also derive the formula for calculating MTTF and its approximate accuracy is validated through comparing analytical results with simulation results. Moreover, a formula is proposed to predict the total cost of the system, which helps administrators manage the network system effectively.

Zhi Chen,Xiaolin Chang,Zhen Han,Yang

DOI: https://doi.org/10.1109/access.2020.2965090

IF: 3.9

2020-01-01

IEEE Access

Abstract:Moving target defense (MTD) has recently emerged as a game-changer in the confrontation between cyberattack and defense. MTD mechanism constantly and randomly changes the system configurations to create uncertainty of the attack surface against cyber-adversaries. To date, researches on the evaluation of MTD techniques either focused on analyzing the effectiveness of MTD or studying the system performance loss due to the use of MTD. The impact on job/service running on the protected system is always ignored. In this paper, we propose an SRN (Stochastic reward net) based analytical modeling approach to investigate how MTD techniques influence the job running on protected system from the perspective of job finish time. The SRN model developed in this paper captures the behaviors of both the adversary and the job execution process. Furthermore, we carry out numerical analysis to study the impact of different system parameters on job finish time and other evaluation metrics. The results in this paper can help defenders choose a better MTD configuration to complete the job execution as soon as possible.

Ankur Chowdhary,Sailik Sengupta,Adel Alshamrani,Dijiang Huang,Abdulhakim Sabur

DOI: https://doi.org/10.1109/iccnc.2019.8685647

2019-02-01

Abstract:Large scale cloud networks consist of distributed networking and computing elements that process critical information and thus security is a key requirement for any environment. Unfortunately, assessing the security state of such networks is a challenging task and the tools used in the past by security experts such as packet filtering, firewall, Intrusion Detection Systems (IDS) etc., provide a reactive security mechanism. In this paper, we introduce a Moving Target Defense (MTD) based proactive security framework for monitoring attacks which lets us identify and reason about multi-stage attacks that target software vulnerabilities present in a cloud network. We formulate the multi-stage attack scenario as a two-player zero-sum Markov Game (between the attacker and the network administrator) on attack graphs. The rewards and transition probabilities are obtained by leveraging the expert knowledge present in the Common Vulnerability Scoring System (CVSS). Our framework identifies an attacker’s optimal policy and places countermeasures to ensure that this attack policy is always detected, thus forcing the attacker to use a sub-optimal policy with higher cost.

Gui-lin Cai,Bao-sheng Wang,Wei Hu,Tian-zuo Wang

DOI: https://doi.org/10.1631/fitee.1601321

2016-11-01

Abstract:Moving target defense (MTD) has emerged as one of the game-changing themes to alter the asymmetric situation between attacks and defenses in cyber-security. Numerous related works involving several facets of MTD have been published. However, comprehensive analyses and research on MTD are still absent. In this paper, we present a survey on MTD technologies to scientifically and systematically introduce, categorize, and summarize the existing research works in this field. First, a new security model is introduced to describe the changes in the traditional defense paradigm and security model caused by the introduction of MTD. A function-and-movement model is provided to give a panoramic overview on different perspectives for understanding the existing MTD research works. Then a systematic interpretation of published literature is presented to describe the state of the art of the three main areas in the MTD field, namely, MTD theory, MTD strategy, and MTD evaluation. Specifically, in the area of MTD strategy, the common characteristics shared by the MTD strategies to improve system security and effectiveness are identified and extrapolated. Thereafter, the methods to implement these characteristics are concluded. Moreover, the MTD strategies are classified into three types according to their specific goals, and the necessary and sufficient conditions of each type to create effective MTD strategies are then summarized, which are typically one or more of the aforementioned characteristics. Finally, we provide a number of observations for the future direction in this field, which can be helpful for subsequent researchers.

engineering, electrical & electronic,computer science, information systems, software engineering

Zhenyong Zhang,Ruilong Deng

DOI: https://doi.org/10.1109/jas.2023.123039

2023-01-01

IEEE/CAA Journal of Automatica Sinica

Abstract:In order to accommodate the effects of false data injection attacks (FDIAs), the moving target defense (MTD) strategy is recently proposed to enhance the security of the smart grid by perturbing branch susceptances. However, most pioneer work only focus on the defending performance of MTD in terms of detecting FDIAs and the impact of MTD on the static factors such as the power and economic losses. Considering the system dynamics, in this letter, the impact of MTD on the frequency stability is analytically studied. The condition required to maintain the stability of the grid frequency is provided and how the susceptance perturbation of each branch affects the frequency stability is given. The defending cost of MTD is also optimized considering both the defending performance and frequency stability constraints.

Yi-xi Xie,Li-xin Ji,Ling-shu Li,Zehua Guo,Thar Baker

DOI: https://doi.org/10.1080/09540091.2020.1832960

2020-01-01

Connection Science

Abstract:The expansion of information technology infrastructure is encountered with Advanced Persistent Threats (APTs), which can launch data destruction, disclosure, modification, and/or Denial of Service attacks by drawing upon vulnerabilities of software and hardware. Moving Target Defense (MTD) is a promising risk mitigation technique that replies to APTs via implementing randomisation and dynamic strategies on compromised assets. However, some MTD techniques adopt the blind random mutation, which causes greater performance overhead and worse defense utility. In this paper, we formulate the cyber-attack and defense as a dynamic partially observable Markov process based on dynamic Bayesian inference. Then we develop an Inference-Based Adaptive Attack Tolerance (IBAAT) system , which includes two stages. In the first stage, a forward–backward algorithm with a time window is employed to perform a security risk assessment. To select the defense strategy, in the second stage, the attack and defense process is modelled as a two-player general-sum Markov game and the optimal defense strategy is acquired by quantitative analysis based on the first stage. The evaluation shows that the proposed algorithm has about 10% security utility improvement compared to the state-of-the-art.

Guilin Cai,Baosheng Wang,Yuebin Luo,Sudan Li,Xiaofeng Wang

DOI: https://doi.org/10.1109/icact.2016.7423324

2016-01-01

Abstract:Moving Target Defense (MTD) has been proposed as a game-changing theme to increase the work effort to attack as well as the security of target system. There has been proposed a multitude of MTD mechanisms. Generally, these mechanisms follow some fundamental running patterns which determine their functionalities. In this paper, we introduce three main schools of thought on MTD mechanisms systematically and categorize the related works according to them. Then we identify and define three fundamental running patterns exhibited by these MTD mechanisms. Thereafter, we use five MTD mechanisms, which belong to the three schools of thought, as cases to confirm the patterns presented. This work can help the novices of this field to understand the running behaviours of MTDs better and easier, and can also give developers design guidance of new MTD system by providing insights of the running patterns.

Mengxiang Liu,Chengcheng Zhao,Zhenyong Zhang,Ruilong Deng

DOI: https://doi.org/10.1109/tpwrs.2022.3152801

IF: 7.326

2022-01-01

IEEE Transactions on Power Systems

Abstract:Moving target defense (MTD) is becoming promising in thwarting the false data injection attacks (FDIAs) on power system state estimation (SE). However, due to the nonlinear dynamics of AC power systems, the investigation of the general evaluation metrics of MTD, namely the effectiveness in terms of attack detection and the hiddenness, is still challenging. To this end, in this paper, we attempt to conduct an explicit analysis on the MTD performance in AC power systems. First, we derive explicit approximations of measurement residuals to quantify the two metrics. Then, based on the projection matrix, maximizing the effectiveness is transformed to maximizing the lower bound of the approximated residual, under which the matrix inverse issue is addressed. Moreover, the maximization of hiddenness is achieved by the minimization of the approximated power flow difference caused by reactance perturbation. To balance the trade-off between effectiveness and hiddenness, the design of explicit residual-based MTD (EXR-MTD) is accomplished by aggregating the two sub-problems with an appropriate weight. Finally, extensive simulations are conducted to validate the performance of EXR-MTD. Numerical results indicate that EXR-MTD performs better than existing MTD strategies in terms of hiddenness, while the effectiveness of EXR-MTD is comparable to those of existing MTD strategies.

Gabriel Ballot,Vadim Malvone,Jean Leneutre,Etienne Borde

DOI: https://doi.org/10.48550/arXiv.2206.14076

2022-06-28

Abstract:Since 2009, Moving Target Defense (MTD) has become a new paradigm of defensive mechanism that frequently changes the state of the target system to confuse the attacker. This frequent change is costly and leads to a trade-off between misleading the attacker and disrupting the quality of service. Optimizing the MTD activation frequency is necessary to develop this defense mechanism when facing realistic, multi-step attack scenarios. Attack modeling formalisms based on DAG are prominently used to specify these scenarios. Our contribution is a new DAG-based formalism for MTDs and its translation into a Price Timed Markov Decision Process to find the best activation frequencies against the attacker's time/cost-optimal strategies. For the first time, MTD activation frequencies are analyzed in a state-of-the-art DAG-based representation. Moreover, this is the first paper that considers the specificity of MTDs in the automatic analysis of attack modeling formalisms. Finally, we present some experimental results using Uppaal Stratego to demonstrate its applicability and relevance.

Cryptography and Security,Multiagent Systems

Mengxiang Liu,Chengcheng Zhao,Zhenyong Zhang,Ruilong Deng,Peng Cheng

DOI: https://doi.org/10.1109/smartgridcomm51999.2021.9632320

2021-01-01

Abstract:Moving Target Defense (MTD) is a new technology to defend against the false data injection attack (FDIA) on distribution system state estimation (DSSE). It works by proactively perturbing the branch reactance. However, due to the challenges induced by the nonlinear dynamics and the coupling phases in the three-phase AC DSSE model, the analysis on the effectiveness and hiddenness of MTD, which are two essential performance metrics, has not yet been conducted. In this paper, we attempt to optimize the effectiveness and hiddenness of MTD while considering voltage stability. Firstly, we quantify the two metrics with approximated measurement residuals. Based on the quantified metrics, we formulate an optimization problem to maximize the effectiveness with guaranteed hiddenness and ensure voltage stability by minimizing the voltage variation induced by MTD. The original problem is transformed to a polynomial optimization problem based on the observation that the alteration of the projection matrix caused by reactance perturbation is neglectable, such that the near-optimal result can be obtained. Finally, extensive simulations are conducted on the IEEE 13-bus test feeder to evaluate the performance of the proposed MTD.

Cai Guilin,Wang Baosheng,Wang Tianzuo,Luo Yuebin,Wang Xiaofeng,Cui XinWu

DOI: https://doi.org/10.7544/issn1000-1239.2016.20150225

2016-01-01

Journal of Computer Research and Development

Abstract:Nowadays ,network configurations are typically deterministic ,static ,and homogeneous . These features reduce the difficulties for cyber attackers scanning the network to identify specific targets and gather essential information ,which gives the attackers asymmetric advantages of building up ,launching and spreading attacks .Thus the defenders are always at a passive position ,and the existing defense mechanisms and approaches cannot reverse this situation . Moving target defense (M TD) is proposed as a new revolutionary technology to alter the asymmetric situation of attacks and defenses .It keeps moving the attack surface of the protected target through dynamic shifting ,which can be controlled and managed by the administrator . In this way , the attack surface exposed to attackers appears chaotic and changes over time . Therefore , the work effort ,i .e ., the cost and complexity ,for the attackers to launch a successful attack ,will be greatly increased .As a result ,the probability of successful attacks will be decreased ,and the resiliency and security of the protected target will be enhanced effectively .In this paper ,we firstly introduce the basic concepts of M TD ,and classify the related works into categories according to their research field .Then ,under each category , we give a detailed description on the existing work ,and analyze and summarize them separately . Finally ,we present our understandings on M TD ,and summarize the current research status ,and further discuss the development trends in this field .

Zan Zhou,Changqiao Xu,Xiaohui Kuang,Tao Zhang,Limin Sun

DOI: https://doi.org/10.1109/icc.2019.8761927

2019-01-01

Abstract:For the reasons that defect remedy is an endless arduous work for static network defense technologies and cyberspace security remains unguaranteed, moving target defense (MTD) is proposed to stem the tide. Whereas, as an important branch of MTD, route mutation technologies still have limitations against some sophisticated adversaries like Advanced Persistent Threat (APT), multiple-step complex or combined attacks. In this paper, we propose a new spatio-temporal route mutation method based on MTD. We first take the maximization of resistibility towards not only multiple forms of attacks but also attackers' long-term background knowledge into consideration. We also formulate the problem into a stochastic optimization model and make it possible to agilely generate the satisfying mutation route meets the demands of various parties jointly by only solving one uniform problem. Thus, network Security is guaranteed from both flows(users) and nodes(infrastructure) perspectives. Experimental results highlight the security advantages as traffic dispersion, potential victim number and attack failure rates of our method compared to existing solutions.