Abstract
The scientific method emphasizes that repeatable experimentation is critical for several reasons: to facilitate comparative analysis, to recreate experiments, to re-validate reported results, to critique and propose improvements, and to augment the work. In the field of cybersecurity moving target defense, where assets are shuffled to thwart attackers, it is critical to know which strategies work best, what their success factors are, and how these strategies may impact system performance. While some researchers make their algorithms, models, and tools available as open source, it is difficult and, in some cases, impossible to recreate studies because the original operating environment is no longer available or the software components used within that environment are no longer supported.
In this paper, we present the repeatable experimentation system (RES), which aids in creating and recreating networked virtual environments to conduct comparative network studies. Experiments are composed of virtual machines, containers, automation scripts, and other artifacts that are needed to recreate and re-run a study, including data collection and analysis. We provide a case study in which we incorporate two publicly available moving target defense implementations that use different underlying software components. We show how RES can be used for fully automated experimentation, along with an analysis of the results obtained from parallel and sequential executions. We have packaged the case study into a RES file that other researchers can use to repeat, modify, and improve on these and other works.
Notes
1. Available at: https://github.com/ARL-UTEP-OC/res.
2. Available at: https://github.com/ARL-UTEP-OC/res-ryu-mtd.
3. Available at: https://github.com/pschmitt/guacapy.
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
Cite this paper
Acosta, J.C., Clarke, L., Medina, S., Akbar, M., Shahriar Hossain, M., Free-Nelson, F. (2021). Repeatable Experimentation for Cybersecurity Moving Target Defense. In: Garcia-Alfaro, J., Li, S., Poovendran, R., Debar, H., Yung, M. (eds) Security and Privacy in Communication Networks. SecureComm 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 398. Springer, Cham. https://doi.org/10.1007/978-3-030-90019-9_5
DOI: https://doi.org/10.1007/978-3-030-90019-9_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-90018-2
Online ISBN: 978-3-030-90019-9
eBook Packages: Computer Science, Computer Science (R0)