TY - JOUR
T1 - Assessing the Effectiveness of Moving Target Defenses Using Security Models
AU - Hong, Jin B.
AU - Kim, Dong Seong
PY - 2016/3/1
Y1 - 2016/3/1
AB - Cyber crime is a developing concern, where criminals are targeting valuable assets and critical infrastructures within networked systems, causing a severe socio-economic impact on enterprises and individuals. Adopting moving target defense (MTD) helps thwart cyber attacks by continuously changing the attack surface. There are numerous MTD techniques proposed in various domains (e.g., virtualized network, wireless sensor network), but there is still a lack of methods to assess and compare the effectiveness of them. Security models, such as an attack graph (AG), provide a formal method of analyzing the security, but incorporating MTD techniques in those security models has not been studied. In this paper, we incorporate MTD techniques into a security model, namely a hierarchical attack representation model (HARM), to assess the effectiveness of them. In addition, we use importance measures (IMs) for deploying MTD techniques to enhance the scalability. Finally, we compare the scalability of AG and HARM when deploying MTD techniques, as well as changes in performance and security in our experiments.
KW - Attack Graph
KW - Attack Tree
KW - Importance Measures
KW - Moving Target Defense
KW - Security Analysis
UR - http://www.scopus.com/inward/record.url?scp=84963984582&partnerID=8YFLogxK
U2 - 10.1109/TDSC.2015.2443790
DO - 10.1109/TDSC.2015.2443790
M3 - Article
AN - SCOPUS:84963984582
SN - 1545-5971
VL - 13
SP - 163
EP - 177
JO - IEEE Transactions on Dependable and Secure Computing
JF - IEEE Transactions on Dependable and Secure Computing
IS - 2
M1 - 7122306
ER -