Chapter

Integration of Reusable Systems

Volume 263 of the series Advances in Intelligent Systems and Computing pp 299-324

A Multi-Layer Moving Target Defense Approach for Protecting Resource-Constrained Distributed Devices

  • Valentina Casola, Department of Electrical Engineering and Information Technology, University of Naples Federico II
  • Alessandra De Benedictis, Department of Electrical Engineering and Information Technology, University of Naples Federico II
  • Massimiliano Albanese, Center for Secure Information Systems, George Mason University

Abstract

Techniques aimed at continuously changing a system’s attack surface, usually referred to as Moving Target Defense (MTD), are emerging as powerful tools for thwarting cyber attacks. Such mechanisms increase the uncertainty, complexity, and cost for attackers, limit the exposure of vulnerabilities, and ultimately increase overall resiliency. In this chapter, we propose an MTD approach for protecting resource-constrained distributed devices through fine-grained reconfiguration at different architectural layers. We introduce a coverage-based security metric to quantify the level of security provided by each system configuration: this metric, along with other performance metrics, can be adopted to identify the configuration that best meets the current requirements. In order to show the feasibility of our approach in real-world scenarios, we study its application to Wireless Sensor Networks (WSNs), introducing two different reconfiguration mechanisms. Finally, we show how the proposed mechanisms are effective in reducing the probability of successful attacks.

Keywords

  • Moving target defense
  • Reconfiguration
  • Proactive security