ABSTRACT
Moving Target Defense(MTD) provides a promising solution to reduce the chance of weakness exposure by constantly changing the target's attack surface. Though lots of MTD technologies have been researched to defend network attacks, there is little systematic study on security assessment of MTD. This paper proposes a novel method to quantify the security of MTD system which based on three factors: Vulnerability Entropy, Attack Entropy and Attenuation Entropy. This assessment model provides a theoretical and practical guidance for building MTD system and improving MTD technology.
- S. Jajodia et al., Moving-Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, Springer(2011) Google ScholarDigital Library
- Shacham, Hovav, et al. On the effectiveness of address-space randomization. the 11th ACM conference on Computer and communications security.(2004). Google ScholarDigital Library
- Gaurav S. Kc et al. Countering Code-Injection Attacks with Instruction-Set Randomization. In 10th ACM Conference on Computer and Communications Security (CCS)(2003) Google ScholarDigital Library
- A. Nguyen-Tuong et al., Security through Redundant Data Diversity. Proc. IEEE Int'l Conf. Dependable Systems and Networks with FTCS and DCC(2008).Google Scholar
- Xu, Jun, et al. Comparing Different Moving Target Defense Techniques. Proceedings of the First ACM Workshop on Moving Target Defense. ACM(2014). Google ScholarDigital Library
- Manadhata P K, Wing J M. A formal model for a system's attack surface{M}. Springer New York(2011)Google Scholar
Index Terms
- Quantitative Security Assessment Method based on Entropy for Moving Target Defense
Recommendations
Towards a Theory of Moving Target Defense
MTD '14: Proceedings of the First ACM Workshop on Moving Target DefenseThe static nature of cyber systems gives attackers the advantage of time. Fortunately, a new approach, called the Moving Target Defense (MTD) has emerged as a potential solution to this problem. While promising, there is currently little research to ...
Moving Target Defense Against Injection Attacks
Algorithms and Architectures for Parallel ProcessingAbstractWith the development of network technology, web services become more convenient and popular. However, web services are also facing serious security threats, especially SQL injection attack(SQLIA). Due to the diversity of attack techniques and the ...
Insider Threat Mitigation Using Moving Target Defense and Deception
MIST '17: Proceedings of the 2017 International Workshop on Managing Insider Security ThreatsThe insider threat has been subject of extensive study and many approaches from technical perspective to behavioral perspective and psychological perspective have been proposed to detect or mitigate it. However, it still remains one of the most ...
Comments