Comprehensive Security Assessment of Combined MTD Techniques for the Cloud

Hooman Alavizadeh, Jin Bum Hong, Julian Jang-Jaccard, Dong Seong Kim

Research output: Chapter in Book/Conference paperConference paper

6 Citations (Scopus)

Abstract

Moving Target Defense (MTD) is a proactive security solution, which can be utilized by cloud computing in order to thwart cyber attacks. Many MTD techniques have been proposed, but there is still a lack of systematic evaluation methods for assessing the effectiveness of the proposed MTD techniques, especially when multiple MTD techniques are to be used in combinations. In this paper, we aim to address the aforementioned issue by proposing an approach for modeling and analysis of MTD techniques. We consider four security metrics: system risk, attack cost, return on attack, and availability to quantify the security of the cloud before and after deploying MTD techniques. Moreover, we propose a Diversity MTD technique to deploy OS diversification with various variants on multiple VMs and also combined Shuffle, Diversity, and Redundancy MTD techniques to improve the security of the cloud. We analyze the security metrics before and after deploying the proposed techniques to show the effectiveness of them. We also utilize importance measures based on network centrality measures into security analysis phase to improve the scalability of the MTD evaluation.
Original languageEnglish
Title of host publicationProceedings of the 5th ACM Workshop on Moving Target Defense
EditorsMassimiliano Albanese, Dijiang Huang
Place of PublicationUnited States
PublisherAssociation for Computing Machinery (ACM)
Pages11-20
ISBN (Print)9781450360036
DOIs
Publication statusPublished - 2018
Event5th ACM Workshop on Moving Target Defense - Toronto, Canada
Duration: 15 Oct 201815 Oct 2018

Conference

Conference5th ACM Workshop on Moving Target Defense
CountryCanada
CityToronto
Period15/10/1815/10/18

Fingerprint Dive into the research topics of 'Comprehensive Security Assessment of Combined MTD Techniques for the Cloud'. Together they form a unique fingerprint.

Cite this