Advertisement

A Framework for Moving Target Defense Quantification

  • Warren Connell
  • Massimiliano Albanese
  • Sridhar Venkatesan
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 502)

Abstract

Moving Target Defense (MTD) has emerged as a game changer in the security landscape, as it can create asymmetric uncertainty favoring the defender. Despite the significant work done in this area and the many different techniques that have been proposed, MTD has not yet gained widespread adoption due to several limitations. Specifically, interactions between multiple techniques have not been studied yet and a unified framework for quantifying and comparing very diverse techniques is still lacking. To overcome these limitations, we propose a framework to model how different MTD techniques can affect the information an attacker needs to exploit a system’s vulnerabilities, so as to introduce uncertainty and reduce the likelihood of successful attacks. We illustrate how this framework can be used to compare two sets of MTDs, and to select an optimal set of MTDs that maximize security within a given budget. Experimental results show that our approach is effective.

Keywords

Moving target defense MTD quantification Framework 

References

  1. 1.
    Alomari, F., Menascé, D.A.: An autonomic framework for integrating security and quality of service support in databases. In: Proceedings of the 6th International Conference on Software Security and Reliability (SERE 2012), Gaithersburg, MD, USA, pp. 51–60, June 2012Google Scholar
  2. 2.
    Boyd, S.W., Keromytis, A.D.: SQLrand: preventing SQL injection attacks. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 292–302. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-24852-1_21 CrossRefGoogle Scholar
  3. 3.
    Carroll, T.E., Crouse, M., Fulp, E.W., Berenhaut, K.S.: Analysis of network address shuffling as a moving target defense. In: IEEE International Conference on Communications (ICC 2014), Sydney, Australia, pp. 701–706, June 2014Google Scholar
  4. 4.
    Chen, S.G.: Reduced recursive inclusion-exclusion principle for the probability of union events. In: Proceedings of the IEEE International Conference on Industrial Engineering and Engineering Management (IEEM 2014), Malaysia, pp. 11–13, December 2014Google Scholar
  5. 5.
    Christey, S.: 2011 CWE/SANS top. 25 most dangerous software errors (2011). http://cwe.mitre.org/top.25/
  6. 6.
    Farris, K.A., Cybenko, G.: Quantification of moving target cyber defenses. In: Proceedings of SPIE Defense + Security 2015, Baltimore, MD, USA, April 2015Google Scholar
  7. 7.
    Howard, M., LeBlanc, D.: Writing Secure Code. Microsoft Press, Redmond (2002)Google Scholar
  8. 8.
    Jafarian, J.H., Qi Duan, E.A.S.: Spatio-temporal address mutation for proactive cyber agility against sophisticated attackers. In: Proceedings of the 1st ACM Workshop on Moving Target Defense (MTD 2014), Scottsdale, AZ, USA, pp. 69–78. ACM (2014)Google Scholar
  9. 9.
    Jajodia, S., Ghosh, A.K., Swarup, V., Wang, C., Wang, X.S. (eds.): Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, Advances in Information Security, 1st edn., vol. 54. Springer, New York (2011)Google Scholar
  10. 10.
    Jajodia, S., Noel, S., O’Berry, B.: Topological analysis of network attack vulnerability. In: Kumar, V., Srivastava, J., Lazarevic, A. (eds.) Managing Cyber Threats: Issues, Approaches, and Challenges, Massive Computing, vol. 5, pp. 247–266. Springer, USA (2005)CrossRefGoogle Scholar
  11. 11.
    Lasdon, L.S., Fox, R.L., Ratner, M.W.: Nonlinear optimization using the generalized reduced gradient method. Revue française d’automatique, d’informatique et de recherche opérationnelle. Recherche opérationnelle 8(3), 73–103 (1974)Google Scholar
  12. 12.
    Okhravi, H., Rabe, M.A., Mayberry, T.J., Leonard, W.G., Hobson, T.R., Bigelow, D., Streilein, W.W.: Survey of cyber moving targets. Technical report 1166, MIT Lincoln Laboratory, Lexington. MA, USA, September 2013Google Scholar
  13. 13.
    Shacham, H., Page, M., Pfaff, B., Go, E.J., Modadugu, N., Boneh, D.: On the effectiveness of address-space randomization. In: Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS 2004), Washington DC, USA, pp. 298–307. ACM, October 2004Google Scholar
  14. 14.
    Soule, N., Simidchieva, B., Yaman, F., Watro, R., Loyall, J., Atighetchi, M., Carvalho, M., Last, D., Myers, D., Flatley, B.: Quantifying minimizing attack surfaces containing moving target defenses. In: Proceedings of the Resilience Week (RWS 2015), August 2015Google Scholar
  15. 15.
    Wang, L., Islam, T., Long, T., Singhal, A., Jajodia, S.: An attack graph-based probabilistic security metric. In: Atluri, V. (ed.) DBSec 2008. LNCS, vol. 5094, pp. 283–296. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-70567-3_22 CrossRefGoogle Scholar
  16. 16.
    Zaffarano, K., Taylor, J., Hamilton, S.: A quantitative framework for moving target defense effectiveness evaluation. In: Proceedings of the 2nd ACM Workshop on Moving Target Defense (MTD 2015), Denver, CO, USA, pp. 3–10. ACM, October 2015Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2017

Authors and Affiliations

  • Warren Connell
    • 1
  • Massimiliano Albanese
    • 1
  • Sridhar Venkatesan
    • 1
  1. 1.George Mason UniversityFairfaxUSA

Personalised recommendations