Model-driven, Moving-Target Defense for Enterprise Network Security

  • Scott A. DeLoach
  • Xinming Ou
  • Rui Zhuang
  • Su Zhang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8378)


This chapter presents the design and initial simulation results for a prototype moving-target defense (MTD) system, whose goal is to significantly increase the difficulty of attacks on enterprise networks. Most networks are static, which gives attackers a great advantage: services run on well-known ports at fixed, easily identifiable IP addresses. The goal of an MTD system is to eliminate the static nature of networks by continuously adapting their configuration over time in ways that seem random or chaotic to attackers, thus negating their advantage. The novelty of our approach lies in the use of runtime models that explicitly capture a network's operational and security goals, the functionality required to achieve those goals, and the configuration of the system. The MTD system reasons over these models to determine how to make changes to the system that are invisible to users but appear chaotic to an attacker. Our system uses these runtime models to analyze both known and unknown vulnerabilities to ensure that adaptations occur often enough, and in the right ways, to protect the system against external attacks.
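The abstract describes three runtime models (goals, required functionality, configuration) and an adaptation loop that re-randomizes the configuration while keeping the goals satisfiable. The simulation below is an added illustrative example, not the chapter's prototype or its code; the goal model, address pool, port range and the names `GOAL_MODEL`, `Configuration`, `adapt`, `connect` and `simulate` are all constructed assumptions. It shows the two properties the abstract claims: users who resolve services by name through the runtime model are unaffected by each adaptation, while an attacker who relies on a reconnaissance snapshot taken earlier finds that the addresses and ports have moved.

```python
import random
from dataclasses import dataclass

# Constructed goal model (assumed structure, not the chapter's): each
# operational goal is satisfied only if these services are reachable.
GOAL_MODEL = {
    "serve_customers": {"web", "db"},
    "process_orders": {"app", "db"},
}

# Constructed address pool and port range the MTD controller may draw from.
ADDRESS_POOL = [f"10.0.0.{i}" for i in range(10, 60)]
PORT_RANGE = range(20000, 60000)


@dataclass(frozen=True)
class ServiceBinding:
    ip: str
    port: int


@dataclass
class Configuration:
    """Configuration model: where each required service currently lives."""
    bindings: dict  # service name -> ServiceBinding

    def resolve(self, service):
        """What a legitimate user does: look the service up by name."""
        binding = self.bindings[service]
        return binding.ip, binding.port


def required_services(goal_model):
    """Functionality the goal model requires: the union of all goals' services."""
    return set().union(*goal_model.values())


def goals_satisfied(config, goal_model):
    """Invariant the controller checks before committing a change:
    every goal's required services are bound somewhere."""
    return all(
        svc in config.bindings
        for needed in goal_model.values()
        for svc in needed
    )


def adapt(previous, goal_model, rng):
    """One MTD adaptation step. Re-randomizes every service's address and
    port, rejecting candidates that leave a service where it was or that
    break a goal. Users are unaffected because they resolve by name."""
    services = sorted(required_services(goal_model))
    while True:
        ips = rng.sample(ADDRESS_POOL, len(services))
        ports = rng.sample(PORT_RANGE, len(services))
        candidate = Configuration({
            svc: ServiceBinding(ip, port)
            for svc, ip, port in zip(services, ips, ports)
        })
        moved = all(
            candidate.bindings[svc] != previous.bindings.get(svc)
            for svc in services
        )
        if moved and goals_satisfied(candidate, goal_model):
            return candidate


def connect(config, ip, port):
    """Model a connection attempt: succeeds only if some service is bound
    at (ip, port) in the current configuration."""
    return any(b.ip == ip and b.port == port for b in config.bindings.values())


def simulate(rounds, seed=0):
    """Run `rounds` adaptations. Returns (user success rate, attacker
    success rate), where the attacker reuses a reconnaissance snapshot
    taken before the first adaptation."""
    rng = random.Random(seed)
    current = adapt(Configuration({}), GOAL_MODEL, rng)
    recon = Configuration(dict(current.bindings))   # attacker's snapshot at time 0
    services = sorted(required_services(GOAL_MODEL))
    user_ok = attacker_ok = 0
    for _ in range(rounds):
        current = adapt(current, GOAL_MODEL, rng)
        for svc in services:
            # Users resolve the name through the runtime model each time.
            user_ok += connect(current, *current.resolve(svc))
            # The attacker dials the address the service had at time 0.
            attacker_ok += connect(current, *recon.resolve(svc))
    total = rounds * len(services)
    return user_ok / total, attacker_ok / total


if __name__ == "__main__":
    user_rate, attacker_rate = simulate(rounds=10)
    print(f"user success rate: {user_rate:.2f}, attacker success rate: {attacker_rate:.2f}")
```

The interesting design choice is in `adapt`: a candidate configuration is committed only after the functionality invariant (`goals_satisfied`) holds, which is the place where a real controller would consult its goal and dependency models rather than this toy's flat service set. Swapping a fresh configuration in without that check is exactly how an MTD system turns into a self-inflicted outage.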


Keywords: runtime models, moving target defense, adaptive systems, network security





Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Scott A. DeLoach (1)
  • Xinming Ou (1)
  • Rui Zhuang (1)
  • Su Zhang (1)
  1. Department of Computing and Information Sciences, Kansas State University, Manhattan, USA
