Miao Xu,Wenyuan Xu,Jason O'Kane

DOI: https://doi.org/10.1109/MASS.2011.43

2011-01-01

Abstract:Wireless sensor networks are vulnerable to various attacks and network dynamics that can breach data privacy and harm data availability. Since those threats cannot be addressed purely by cryptography-based methods, this paper presents a data dissemination scheme that can enhance two goals: data privacy and data availability, leveraging the node location diversity presented in typical wireless sensor networks rather than relying on cryptographic techniques. We demonstrate that the message content is important to quantify the uncertainty associated with data privacy and data availability, and provide content-based definitions utilizing information states. Further, to strike the balance between two conflicting goals in an energy efficient way, we construct a spatial privacy graph based on the locations of network nodes, and use a distributed coloring scheme to ensure that any pairs of nodes whose combined data provide too much information should not send their sensed data to the same storage node. Additionally, sensor nodes selectively send data to multiple storage nodes to achieve higher availability. Our experimental results show that our scheme can achieve better data privacy and a higher level of data availability at smaller energy cost than other baseline data dissemination schemes.

Chang-Ting Lin,Chunming Wu,Min Huang,Zhenyu Wen,Qiumei Cheng

DOI: https://doi.org/10.1109/SRDSW.2016.21

2016-01-01

Abstract:IP address mutation is a proactive defense method that is used to reduce the risk of network attacks, especially to deal with the worm propagation attacks. However, previous work did not give much consideration to the negative effects that IP address mutation could bring to network performance. To be specific, there is a trade-off between network performance and security, which implies that when a security mechanism is reinforced, network performance would be impaired and vice versa. Therefore, in order to achieve the optimal balance between performance and security, an optimal solution should be provided. In this paper, we propose an adaptive IP mutation defense method which is based on temporal-dimension, to dynamically control the mutation interval according to real-time measurable metrics, assurance and avoidance. This method leverages a genetic algorithm to achieve the optimization of performance-security trade-off. We then evaluate our method in a simulated computer cluster environment, including 1024 hosts, and demonstrate that our method can successfully find the optimal solution according to the experimental results. For example, it can reduce the worm propagation significantly, while maintaining the network performance in a predefined level.

Abdullah Aydeger,Pei Zhou,Sanzida Hoque,Marco Carvalho,Engin Zeydan

2024-10-03

Abstract:One of the most critical components of the Internet that an attacker could exploit is the DNS (Domain Name System) protocol and infrastructure. Researchers have been constantly developing methods to detect and defend against the attacks against DNS, specifically DNS flooding attacks. However, most solutions discard packets for defensive approaches, which can cause legitimate packets to be dropped, making them highly dependable on detection strategies. In this paper, we propose MTDNS, a resilient MTD-based approach that employs Moving Target Defense techniques through Software Defined Networking (SDN) switches to redirect traffic to alternate DNS servers that are dynamically created and run under the Network Function Virtualization (NFV) framework. The proposed approach is implemented in a testbed environment by running our DNS servers as separate Virtual Network Functions, NFV Manager, SDN switches, and an SDN Controller. The experimental result shows that the MTDNS approach achieves a much higher success rate in resolving DNS queries and significantly reduces average latency even if there is a DNS flooding attack.

Networking and Internet Architecture,Cryptography and Security,Distributed, Parallel, and Cluster Computing,Emerging Technologies

Yongsheng Mei,Kailash Gogineni,Tian Lan,Guru Venkataramani

DOI: https://doi.org/10.48550/arXiv.2110.03798

2021-10-08

Abstract:Communication protocol security is among the most significant challenges of the Internet of Things (IoT) due to the wide variety of hardware and software technologies involved. Moving target defense (MTD) has been adopted as an innovative strategy to solve this problem by dynamically changing target system properties and configurations to obfuscate the attack surface. Nevertheless, the existing work of MTD primarily focuses on lower-level properties (e.g., IP addresses or port numbers), and only a limited number of variations can be generated based on these properties. In this paper, we propose a new approach of MTD through communication protocol dialects (MPD) - which dynamically customizes a communication protocol into various protocol dialects and leverages them to create a moving target defense. Specifically, MPD harnesses a dialect generating function to create protocol dialects and then a mapping function to select one specific dialect for each packet during communication. To keep different network entities in synchronization, we also design a self-synchronization mechanism utilizing a pseudo-random number generator with the input of a pre-shared secret key and previously sent packets. We implement a prototype of MPD and evaluate its feasibility on standard network protocol (i.e., File Transfer Protocol) and internet of things protocol (i.e., Message Queuing Telemetry Transport). The results indicate that MPD can create a moving target defense with protocol dialects to effectively address various attacks - including the denial of service attack and malicious packet modifications - with negligible overhead.

Cryptography and Security

Tina Moghaddam,Guowei Yang,Chandra Thapa,Seyit Camtepe,Dan Dongseong Kim

2024-08-07

Abstract:Moving target defenses (MTD) are proactive security techniques that enhance network security by confusing the attacker and limiting their attack window. MTDs have been shown to have significant benefits when evaluated against traditional network attacks, most of which are automated and untargeted. However, little has been done to address an attacker who is aware the network uses an MTD. In this work, we propose a novel approach named MTDSense, which can determine when the MTD has been triggered using the footprints the MTD operation leaves in the network traffic. MTDSense uses unsupervised clustering to identify traffic following an MTD trigger and extract the MTD interval. An attacker can use this information to maximize their attack window and tailor their attacks, which has been shown to significantly reduce the effectiveness of MTD. Through analyzing the attacker's approach, we propose and evaluate two new MTD update algorithms that aim to reduce the information leaked into the network by the MTD. We present an extensive experimental evaluation by creating, to our knowledge, the first dataset of the operation of an IP-shuffling MTD in a software-defined network. Our work reveals that despite previous results showing the effectiveness of MTD as a defense, traditional implementations of MTD are highly susceptible to a targeted attacker.

Cryptography and Security,Networking and Internet Architecture

Mariusz Żal,Marek Michalski,Piotr Zwierzykowski

DOI: https://doi.org/10.3390/electronics13050918

IF: 2.9

2024-02-29

Electronics

Abstract:The contemporary world, dominated by information technologt (IT), necessitates sophisticated protection mechanisms against attacks that pose significant threats to individuals, companies, and governments alike. The unpredictability of human behavior, coupled with the scattered development of applications and devices, complicates supply chain maintenance, making it impossible to develop a system entirely immune to cyberattacks. Effective execution of many attack types hinges on prior network reconnaissance. Thus, hindering effective reconnaissance serves as a countermeasure to attacks. This paper introduces a solution within the moving target defense (MTD) strategies, focusing on the mutation of Internet protocol (IP) addresses in both edge and core network switches. The idea of complicating reconnaissance by continually changing IP addresses has been suggested in numerous studies. Nonetheless, previously proposed solutions have adversely impacted the quality of service (QoS) levels. Implementing these mechanisms could interrupt Transmission Control Protocol (TCP) connections and result in data losses. The IP address mutation algorithms presented in this study were designed to be fully transparent to transport layer protocols, thereby preserving the QoS for users without degradation. In this study, we leveraged the benefits of software-defined networking (SDN) and the Programming-Protocol-Ondependent Packet Processors (P4) language, which specifies packet processing methodologies in the data plane. Employing both SDN and P4 enables a dynamic customization of network device functionalities to meet network users' specific requirements, a feat unachievable with conventional computer networks. This approach not only enhances the adaptability of network configurations but also significantly increases the efficiency and effectiveness of network management and operation.

engineering, electrical & electronic,computer science, information systems,physics, applied

Jianjun Zheng,Akbar Siami Namin

DOI: https://doi.org/10.1007/s11390-019-1906-z

IF: 1.871

2019-01-01

Journal of Computer Science and Technology

Abstract:As the complexity and the scale of networks continue to grow, the management of the network operations and security defense has become a challenging task for network administrators, and many network devices may not be updated timely, leaving the network vulnerable to potential attacks. Moreover, the static nature of our existing network infrastructure allows attackers to have enough time to study the static configurations of the network and to launch well-crafted attacks at their convenience while defenders have to work around the clock to defend the network. This asymmetry, in terms of time and money invested, has given attackers greater advantage than defenders and has made the security defense even more challenging. It calls for new and innovative ideas to fix the problem. Moving Target Defense (MTD) is one of the innovative ideas which implements diverse and dynamic configurations of network systems with the goal of puzzling the exact attack surfaces available to attackers. As a result, the system status with the MTD strategy is unpredictable to attackers, hard to exploit, and is more resilient to various forms of attacks. There are existing survey papers on various MTD techniques, but to the best of our knowledge, insufficient focus was given on the architectural perspective of MTD strategies or some new technologies such as Internet of Things (IoT). This paper presents a comprehensive survey on MTD and implementation strategies from the perspective of the architecture of the complete network system, covering the motivation for MTD, the explanation of main MTD concepts, ongoing research efforts of MTD and its implementation at each level of the network system, and the future research opportunities offered by new technologies such as Software-Defined Networking (SDN) and Internet of Things (IoT).

computer science, software engineering, hardware & architecture

Sailik Sengupta,Ankur Chowdhary,Abdulhakim Sabur,Adel Alshamrani,Dijiang Huang,Subbarao Kambhampati

DOI: https://doi.org/10.1109/comst.2020.2982955

2020-01-01

Abstract:Network defenses based on traditional tools, techniques, and procedures (TTP) fail to account for the attacker's inherent advantage present due to the static nature of network services and configurations. To take away this asymmetric advantage, Moving Target Defense (MTD) continuously shifts the configuration of the underlying system, in turn reducing the success rate of cyberattacks. In this survey, we analyze the recent advancements made in the development of MTDs and highlight (1) how these defenses can be defined using common terminology, (2) can be made more effective with the use of artificial intelligence techniques for decision making, (3) be implemented in practice and (4) evaluated. We first define an MTD using a simple and yet general notation that captures the key aspects of such defenses. We then categorize these defenses into different sub-classes depending on what they move, when they move and how they move. In trying to answer the latter question, we showcase the use of domain knowledge and game-theoretic modeling can help the defender come up with effective and efficient movement strategies. Second, to understand the practicality of these defense methods, we discuss how various MTDs have been implemented and find that networking technologies such as Software Defined Networking and Network Function Virtualization act as key enablers for implementing these dynamic defenses. We then briefly highlight MTD test-beds and case-studies to aid readers who want to examine or deploy existing MTD techniques. Third, our survey categorizes proposed MTDs based on the qualitative and quantitative metrics they utilize to evaluate their effectiveness in terms of security and performance. We use well-defined metrics such as risk analysis and performance costs for qualitative evaluation and metrics based on Confidentiality, Integrity, Availability (CIA), attack representation, QoS impact, and target-d threat models for quantitative evaluation. Finally, we show that our categorization of MTDs is effective in identifying novel research areas and highlight directions for future research.

computer science, information systems,telecommunications

Zhimin Tang,Duohe Ma,Xiaoyan Sun,Kai Chen,Liming Wang,Junye Jiang

DOI: https://doi.org/10.1109/iscc58397.2023.10218253

2023-01-01

Abstract:Traditional defense methods are hard to change the inherent vulnerabilities of static data storage, single data access, and deterministic data content, leading to frequent data leakage incidents. Moving target defense (MTD) techniques can increase data diversity and unpredictability by dynamically shifting the data attack surface. However, in the existing methods, the data lacks sufficient dynamics due to insufficient shifting space and shifting frequency of attack surface, and legitimate users are inevitably greatly affected. This study proposes a data MTD method that the data changes dynamically based on real-time multi-source user access information. Through the multidimensional user stratification mechanism, we establish a novel dynamic data model that uses the combination of random deception strategies to convert metadata properties and content of data based on the user risk levels, while data remains unchanged for legitimate users. Multiple sets of experiments demonstrate the effectiveness and low consumption of our data dynamic defense approach.

Yuming Feng,Weizhe Zhang,Zijun Feng,Xiaoxiong Zhong,Fangming Liu

DOI: https://doi.org/10.1109/iwqos61813.2024.10682921

2024-01-01

Abstract:The widespread deployment of low-cost, vulnerable IoT devices allows attackers to exploit them to generate botnets and launch distributed denial-of-service (DDoS) attacks, which has become a serious security challenge for ensuring quality of service (QoS). For cost-effective defense against DDoS, we propose a novel hybrid defense method that includes proactive moving target defense (MTD) and passive security control to resist DDoS threats at different stages in IoT networks in this paper. We construct a multi-stage Markov game model to portray the game as a competition between the attacker and the defender for the control duration of the attack surface, and design an optimal defense strategy algorithm. In particular, we introduce a new parameter of action execution interval expectation in the game and add node importance evaluation in the reward quantification so that the optimal action execution interval of each defense technique can be output. We also consider the possibility that advanced attackers may launch DDoS on the SDN controller in the game. The experimental results demonstrate that our proposed method can defend against DDoS cost-effectively and ensure the QoS in IoT networks with acceptable overhead.

Duohe Ma,Zhen Xu,Dongdai Lin

DOI: https://doi.org/10.1007/978-3-319-23829-6_32

2015-01-01

Abstract:Software Defined Networking (SDN) provides a new network solution by decoupling control plane and data plane from the closed and proprietary implementations of traditional network devices. With its promisingly advanced architecture, SDN represents the future development trend of network. In its typical structure, collaborative interaction between one controller and multiple switches forms a centralized network topology. As playing a key role in this network architecture, the controller in SDN is very vulnerable to single point of failure. What is worse, the emergence of Blind DDoS attack against SDN’s special structure increases its risks. To address this challenge, we introduce a Moving Target Defense(MTD) system to defend Blind DDoS attack. The approach adopts a multi-controller pool to solve the saturation problem, and it can dynamically shift controllers connecting to switches according to the density of flood flow. By randomly delaying the scanning packets and filtering the flood with route-map, this MTD system can effectively resist the Blind DDoS attack and protect the availability and reliability of SDN.

Cai Guilin,Wang Baosheng,Wang Tianzuo,Luo Yuebin,Wang Xiaofeng,Cui XinWu

DOI: https://doi.org/10.7544/issn1000-1239.2016.20150225

2016-01-01

Journal of Computer Research and Development

Abstract:Nowadays ,network configurations are typically deterministic ,static ,and homogeneous . These features reduce the difficulties for cyber attackers scanning the network to identify specific targets and gather essential information ,which gives the attackers asymmetric advantages of building up ,launching and spreading attacks .Thus the defenders are always at a passive position ,and the existing defense mechanisms and approaches cannot reverse this situation . Moving target defense (M TD) is proposed as a new revolutionary technology to alter the asymmetric situation of attacks and defenses .It keeps moving the attack surface of the protected target through dynamic shifting ,which can be controlled and managed by the administrator . In this way , the attack surface exposed to attackers appears chaotic and changes over time . Therefore , the work effort ,i .e ., the cost and complexity ,for the attackers to launch a successful attack ,will be greatly increased .As a result ,the probability of successful attacks will be decreased ,and the resiliency and security of the protected target will be enhanced effectively .In this paper ,we firstly introduce the basic concepts of M TD ,and classify the related works into categories according to their research field .Then ,under each category , we give a detailed description on the existing work ,and analyze and summarize them separately . Finally ,we present our understandings on M TD ,and summarize the current research status ,and further discuss the development trends in this field .

雷程,马多贺,张红旗,韩琦,杨英杰

DOI: https://doi.org/10.11959/j.issn.1000-436x.2017056

2017-01-01

Abstract:Moving target defense is a revolutionary technology which changes the situation of attack and defense.How to effectively achieve forwarding path mutation is one of the hotspot in this field.Since existing mechanisms are blindness and lack of constraints in the process of mutation,it is hard to maximize mutation defense benefit under the condition of good network quality of services.A novel of network moving target defense technique based on optimal forwarding path migration was proposed.Satisfiability modulo theory was adopted to formally describe the mutation constraints,so as to prevent transient problem.Optimization combination between routing path and mutation period was chosen by using optimal routing path generation method based on security capacity matrix so as to maximum defense benefit.Theoretical and experimental analysis show the defense cost and benefit in resisting passive sniffing attacks.The capability of achieving maximum defense benefit under the condition of ensuring network quality of service is proved.

Rui Zhuang,Scott A. DeLoach,Xinming Ou

DOI: https://doi.org/10.1145/2663474.2663479

2014-01-01

Abstract:The static nature of cyber systems gives attackers the advantage of time. Fortunately, a new approach, called the Moving Target Defense (MTD) has emerged as a potential solution to this problem. While promising, there is currently little research to show that MTD systems can work effectively in real systems. In fact, there is no standard definition of what an MTD is, what is meant by attack surface, or metrics to define the effectiveness of such systems. In this paper, we propose an initial theory that will begin to answer some of those questions. The paper defines the key concepts required to formally talk about MTD systems and their basic properties. It also discusses three essential problems of MTD systems, which include the MTD Problem (or how to select the next system configuration), the Adaptation Selection Problem, and the Timing Problem. We then formalize the MTD Entropy Hypothesis, which states that the greater the entropy of the system's configuration, the more effective the MTD system.

Gui-lin Cai,Bao-sheng Wang,Wei Hu,Tian-zuo Wang

DOI: https://doi.org/10.1631/fitee.1601321

2016-11-01

Abstract:Moving target defense (MTD) has emerged as one of the game-changing themes to alter the asymmetric situation between attacks and defenses in cyber-security. Numerous related works involving several facets of MTD have been published. However, comprehensive analyses and research on MTD are still absent. In this paper, we present a survey on MTD technologies to scientifically and systematically introduce, categorize, and summarize the existing research works in this field. First, a new security model is introduced to describe the changes in the traditional defense paradigm and security model caused by the introduction of MTD. A function-and-movement model is provided to give a panoramic overview on different perspectives for understanding the existing MTD research works. Then a systematic interpretation of published literature is presented to describe the state of the art of the three main areas in the MTD field, namely, MTD theory, MTD strategy, and MTD evaluation. Specifically, in the area of MTD strategy, the common characteristics shared by the MTD strategies to improve system security and effectiveness are identified and extrapolated. Thereafter, the methods to implement these characteristics are concluded. Moreover, the MTD strategies are classified into three types according to their specific goals, and the necessary and sufficient conditions of each type to create effective MTD strategies are then summarized, which are typically one or more of the aforementioned characteristics. Finally, we provide a number of observations for the future direction in this field, which can be helpful for subsequent researchers.

engineering, electrical & electronic,computer science, information systems, software engineering

Yuyang Zhou,Guang Cheng,Shanqing Jiang,Ying Hu,Yuyu Zhao,Zihan Chen

DOI: https://doi.org/10.1145/3338468.3356824

2019-09-18

Abstract:Moving Target Defense (MTD) has emerged as a newcomer into the asymmetric field of attack and defense, and shuffling-based MTD has been regarded as one of the most effective ways to mitigate DDoS attacks. However, previous work does not acknowledge that frequent shuffles would significantly intensify the overhead. MTD requires a quantitative measure to compare the cost and effectiveness of available adaptations and explore the best trade-off between them. In this paper, therefore, we propose a new cost-effective shuffling method against DDoS attacks using MTD. By exploiting Multi-Objective Markov Decision Processes to model the interaction between the attacker and the defender, and designing a cost-effective shuffling algorithm, we study the best trade-off between the effectiveness and cost of shuffling in a given shuffling scenario. Finally, simulation and experimentation on an experimental software defined network (SDN) indicate that our approach imposes an acceptable shuffling overload and is effective in mitigating DDoS attacks.

Cryptography and Security

Jiawen Kang,Yibo Lian,Changqiao Xu,Haijiang Tian,Xiaohui Kuang,D. Niyato,Zhang Tao

DOI: https://doi.org/10.1109/JSAC.2023.3310072

IF: 16.4

2023-10-01

IEEE Journal on Selected Areas in Communications

Abstract:With rapid development of emerging technologies for Internet of Things (IoT), digital twins (DT) have been proposed to support a wide variety of applications. A mobile network is expected to be integrated with DT to form a DT mobile network (DTMN). Unfortunately, DTMN still faces security threats, which have attracted great research attention. Current defense mechanisms are mostly static, i.e., responding after attacks happening. To solve the aforementioned problem, moving target defense (MTD) has been proposed as an innovative solution. However, there exist three major challenges when applying MTD into DTMN. Firstly, less emphasis was paid to collaborative scheduling between multiple MTD schemes, which can improve the security of DTMN. Secondly, MTD schemes require lots of network resources, but few works focus on the time allocation of multiple MTD schemes to reduce network resource consumption. Thirdly, existing defense strategies only rely on current information, but do not consider future information. In this paper, we propose a collaborative mutation-based MTD (CM-MTD) in DTMN. We mainly consider two MTD schemes called host address mutation (HAM) and route mutation (RM), respectively, which adjust network properties and invalidate different stages of cyber kill chain. We firstly formulate a semi-Markov decision process (SMDP) to model time-varying security events and dynamic deployment of multiple MTD schemes. Then, security events are predicted by long short-term memory (LSTM), which are regarded as network states in SMDP. Next, infeasible actions that do not satisfy network constraints will be removed from the action space of the SMDP. Lastly, we design a hierarchical deep reinforcement learning algorithm for collaborative scheduling. Simulation results highlight the effectiveness of CM-MTD compared with baseline solutions.

Engineering,Computer Science

MA Duohe,LI Qiong,LIN Dongdai

DOI: https://doi.org/10.11959/j.issn.1000-436x.2018025

2018-01-01

Abstract:Eavesdropping attack hereby was the major attack for traditional network communication. As this kind of at-tacks was stealthy and untraceable, it was barely detectable for those feature detection or static configuration based pas-sive defense approaches. Since existing encryption or dynamic address methods could only confuse part of fields of net-work protocols, they couldn't form a comprehensive protection. Therefore a moving target defense method by utilizing the protocol customization ability of protocol-oblivious forwarding (POF) was proposed, through private protocol packet randomization strategy and randomly drop deception-packets on dynamic paths strategy. It could greatly increase the dif-ficulty of implementing network eavesdropping attack and protect the privacy of the network communication process. Experiments and compare studies show its efficiency.

Deliang Chang,Joann Qiongna Chen,Zhou Li,Xing Li

DOI: https://doi.org/10.1109/eurosp53844.2022.00020

2022-01-01

Abstract:Domain name system (DNS) is the address book of the Internet and domain names are queried before almost every network activity. Since the entities like recursive resolvers can monitor users' DNS queries, privacy concerns such as user tracking arise. Though a number of prior works have looked into this issue, they all focus on the closed-world setting, which means that victim users must be known to the adversary. We argue that it does not reflect the adversary's true capabilities. Moreover, there lacks an effective approach to defend against DNS-based user tracking. In this work, we revisit these issues by investigating the attack surface in both open-world and closed-world settings and studying how to protect users. First, we introduce a new tracking mechanism DSCorr which incorporates domain-based word embedding to capture the fine-grained distance between domain names, and automatic threshold generation for fine-tuning the attack outcome. The evaluation result on a real-world DNS dataset shows DSCorr is able to outperform the existing works by a large margin especially in the open-world setting. On the defense side, we develop a system called LDPResolve, which incorporates a recently proposed differential privacy notion ULDP (Utility-optimized Local Differential Privacy) and a new technique named parallel domain resolving, to provide privacy guarantees without damaging the utility of legitimate applications. The evaluation result on the same dataset shows the DNS-based user tracking can be effectively curbed, e.g., tracking accuracy degraded from 93% to 10.1%.

Jianguo Hao,Weidong Liu,Yiqi Dai

DOI: https://doi.org/10.1049/cp.2010.1069

2010-01-01

Abstract:The privacy protection is an important issue for suspicious MANETs, a kind of Mobile Ad-hoc Networks (MANETs) that the nodes do not trust each other. One vital problem of the privacy protection in suspicious MANETs is that the malicious nodes may abuse the privacy protection to initiate some attacks that can not be tracked. As a solution to this problem, this paper proposes a universal controllable privacy protection framework in position-based routing for suspicious MANETs. We integrate a Perturbation-based Privacy Preservation (PPP) mechanism and a Malicious Node Revocation (MNR) mechanism with the common position based routing protocols, and achieve the controllable privacy protection to nodes and the controllable security of networks. The analyses show that our framework can achieve the node control location privacy of the nodes, and can defend the malicious insider nodes and impersonation attacks with acceptable overheads in suspicious MANETs.