Comprehensive Security Assessment of Combined MTD Techniques for the Cloud

Hooman Alavizadeh, Jin Bum Hong, Julian Jang-Jaccard, Dong Seong Kim

Research output: Chapter in Book/Conference paperConference paper

1 Citation (Scopus)

Abstract

Moving Target Defense (MTD) is a proactive security solution, which can be utilized by cloud computing in order to thwart cyber attacks. Many MTD techniques have been proposed, but there is still a lack of systematic evaluation methods for assessing the effectiveness of the proposed MTD techniques, especially when multiple MTD techniques are to be used in combinations. In this paper, we aim to address the aforementioned issue by proposing an approach for modeling and analysis of MTD techniques. We consider four security metrics: system risk, attack cost, return on attack, and availability to quantify the security of the cloud before and after deploying MTD techniques. Moreover, we propose a Diversity MTD technique to deploy OS diversification with various variants on multiple VMs and also combined Shuffle, Diversity, and Redundancy MTD techniques to improve the security of the cloud. We analyze the security metrics before and after deploying the proposed techniques to show the effectiveness of them. We also utilize importance measures based on network centrality measures into security analysis phase to improve the scalability of the MTD evaluation.
Original languageEnglish
Title of host publicationProceedings of the 5th ACM Workshop on Moving Target Defense
EditorsMassimiliano Albanese, Dijiang Huang
Place of PublicationUnited States
PublisherAssociation for Computing Machinery (ACM)
Pages11-20
ISBN (Print)9781450360036
DOIs
Publication statusPublished - 2018
Event5th ACM Workshop on Moving Target Defense - Toronto, Canada
Duration: 15 Oct 201815 Oct 2018

Conference

Conference5th ACM Workshop on Moving Target Defense
CountryCanada
CityToronto
Period15/10/1815/10/18

Fingerprint

Metric system
Cloud computing
Redundancy
Scalability
Availability
Costs

Cite this

Alavizadeh, H., Hong, J. B., Jang-Jaccard, J., & Kim, D. S. (2018). Comprehensive Security Assessment of Combined MTD Techniques for the Cloud. In M. Albanese, & D. Huang (Eds.), Proceedings of the 5th ACM Workshop on Moving Target Defense (pp. 11-20). United States: Association for Computing Machinery (ACM). https://doi.org/10.1145/3268966.3268967
Alavizadeh, Hooman ; Hong, Jin Bum ; Jang-Jaccard, Julian ; Kim, Dong Seong. / Comprehensive Security Assessment of Combined MTD Techniques for the Cloud. Proceedings of the 5th ACM Workshop on Moving Target Defense. editor / Massimiliano Albanese ; Dijiang Huang. United States : Association for Computing Machinery (ACM), 2018. pp. 11-20
@inproceedings{a0ed4a770fd042ab8c1b8cbb92fa8f34,
title = "Comprehensive Security Assessment of Combined MTD Techniques for the Cloud",
abstract = "Moving Target Defense (MTD) is a proactive security solution, which can be utilized by cloud computing in order to thwart cyber attacks. Many MTD techniques have been proposed, but there is still a lack of systematic evaluation methods for assessing the effectiveness of the proposed MTD techniques, especially when multiple MTD techniques are to be used in combinations. In this paper, we aim to address the aforementioned issue by proposing an approach for modeling and analysis of MTD techniques. We consider four security metrics: system risk, attack cost, return on attack, and availability to quantify the security of the cloud before and after deploying MTD techniques. Moreover, we propose a Diversity MTD technique to deploy OS diversification with various variants on multiple VMs and also combined Shuffle, Diversity, and Redundancy MTD techniques to improve the security of the cloud. We analyze the security metrics before and after deploying the proposed techniques to show the effectiveness of them. We also utilize importance measures based on network centrality measures into security analysis phase to improve the scalability of the MTD evaluation.",
author = "Hooman Alavizadeh and Hong, {Jin Bum} and Julian Jang-Jaccard and Kim, {Dong Seong}",
year = "2018",
doi = "10.1145/3268966.3268967",
language = "English",
isbn = "9781450360036",
pages = "11--20",
editor = "Albanese, {Massimiliano } and Huang, {Dijiang }",
booktitle = "Proceedings of the 5th ACM Workshop on Moving Target Defense",
publisher = "Association for Computing Machinery (ACM)",
address = "United States",

}

Alavizadeh, H, Hong, JB, Jang-Jaccard, J & Kim, DS 2018, Comprehensive Security Assessment of Combined MTD Techniques for the Cloud. in M Albanese & D Huang (eds), Proceedings of the 5th ACM Workshop on Moving Target Defense. Association for Computing Machinery (ACM), United States, pp. 11-20, 5th ACM Workshop on Moving Target Defense, Toronto, Canada, 15/10/18. https://doi.org/10.1145/3268966.3268967

Comprehensive Security Assessment of Combined MTD Techniques for the Cloud. / Alavizadeh, Hooman; Hong, Jin Bum; Jang-Jaccard, Julian; Kim, Dong Seong.

Proceedings of the 5th ACM Workshop on Moving Target Defense. ed. / Massimiliano Albanese; Dijiang Huang. United States : Association for Computing Machinery (ACM), 2018. p. 11-20.

Research output: Chapter in Book/Conference paperConference paper

TY - GEN

T1 - Comprehensive Security Assessment of Combined MTD Techniques for the Cloud

AU - Alavizadeh, Hooman

AU - Hong, Jin Bum

AU - Jang-Jaccard, Julian

AU - Kim, Dong Seong

PY - 2018

Y1 - 2018

N2 - Moving Target Defense (MTD) is a proactive security solution, which can be utilized by cloud computing in order to thwart cyber attacks. Many MTD techniques have been proposed, but there is still a lack of systematic evaluation methods for assessing the effectiveness of the proposed MTD techniques, especially when multiple MTD techniques are to be used in combinations. In this paper, we aim to address the aforementioned issue by proposing an approach for modeling and analysis of MTD techniques. We consider four security metrics: system risk, attack cost, return on attack, and availability to quantify the security of the cloud before and after deploying MTD techniques. Moreover, we propose a Diversity MTD technique to deploy OS diversification with various variants on multiple VMs and also combined Shuffle, Diversity, and Redundancy MTD techniques to improve the security of the cloud. We analyze the security metrics before and after deploying the proposed techniques to show the effectiveness of them. We also utilize importance measures based on network centrality measures into security analysis phase to improve the scalability of the MTD evaluation.

AB - Moving Target Defense (MTD) is a proactive security solution, which can be utilized by cloud computing in order to thwart cyber attacks. Many MTD techniques have been proposed, but there is still a lack of systematic evaluation methods for assessing the effectiveness of the proposed MTD techniques, especially when multiple MTD techniques are to be used in combinations. In this paper, we aim to address the aforementioned issue by proposing an approach for modeling and analysis of MTD techniques. We consider four security metrics: system risk, attack cost, return on attack, and availability to quantify the security of the cloud before and after deploying MTD techniques. Moreover, we propose a Diversity MTD technique to deploy OS diversification with various variants on multiple VMs and also combined Shuffle, Diversity, and Redundancy MTD techniques to improve the security of the cloud. We analyze the security metrics before and after deploying the proposed techniques to show the effectiveness of them. We also utilize importance measures based on network centrality measures into security analysis phase to improve the scalability of the MTD evaluation.

U2 - 10.1145/3268966.3268967

DO - 10.1145/3268966.3268967

M3 - Conference paper

SN - 9781450360036

SP - 11

EP - 20

BT - Proceedings of the 5th ACM Workshop on Moving Target Defense

A2 - Albanese, Massimiliano

A2 - Huang, Dijiang

PB - Association for Computing Machinery (ACM)

CY - United States

ER -

Alavizadeh H, Hong JB, Jang-Jaccard J, Kim DS. Comprehensive Security Assessment of Combined MTD Techniques for the Cloud. In Albanese M, Huang D, editors, Proceedings of the 5th ACM Workshop on Moving Target Defense. United States: Association for Computing Machinery (ACM). 2018. p. 11-20 https://doi.org/10.1145/3268966.3268967