Assessing the Effectiveness of Moving Target Defenses Using Security Models

Jin B. Hong, Dong Seong Kim

Research output: Contribution to journalArticle

56 Citations (Scopus)

Abstract

Cyber crime is a developing concern, where criminals are targeting valuable assets and critical infrastructures within networked systems, causing a severe socio-economic impact on enterprises and individuals. Adopting moving target defense (MTD) helps thwart cyber attacks by continuously changing the attack surface. There are numerous MTD techniques proposed in various domains (e.g., virtualized network, wireless sensor network), but there is still a lack of methods to assess and compare the effectiveness of them. Security models, such as an attack graph (AG), provide a formal method of analyzing the security, but incorporating MTD techniques in those security models has not been studied. In this paper, we incorporate MTD techniques into a security model, namely a hierarchical attack representation model (HARM), to assess the effectiveness of them. In addition, we use importance measures (IMs) for deploying MTD techniques to enhance the scalability. Finally, we compare the scalability of AG and HARM when deploying MTD techniques, as well as changes in performance and security in our experiments.

Original languageEnglish
Article number7122306
Pages (from-to)163-177
Number of pages15
JournalIEEE Transactions on Dependable and Secure Computing
Volume13
Issue number2
DOIs
Publication statusPublished - 1 Mar 2016
Externally publishedYes

    Fingerprint

Cite this