Dynamic security metrics for measuring the effectiveness of Moving Target Defense techniques

Jin Bum Hong, Simon Yusuf Enoch, Dong Seong Kim, Armstrong Nhlabatsi, Noora Fetais, Khaled M.D. Khan

Research output: Contribution to journalArticle

Abstract

Moving Target Defense (MTD) utilizes granularity, flexibility and elasticity properties of emerging networking technologies in order to continuously change the attack surface. There are many different MTD techniques proposed in the past decade to thwart cyberattacks. Due to the diverse range of different MTD techniques, it is of paramount importance to assess and compare their effectiveness. However, each technique causes distinct (dynamic) changes in the network, making an objective comparison difficult. In this paper, we incorporate MTD techniques into a temporal graph-based graphical security model, and develop a new set of dynamic security metrics to assess and compare their effectiveness. To this end, we first categorize and compare different attack and defense efforts. Second, we describe the temporal graph-based graphical security model to capture dynamic changes made by various MTD techniques in the network. We then develop a new set of security metrics for attack and defense efforts to evaluate the effectiveness of the MTD techniques. We implement two different MTD techniques, namely network topology shuffle and software diversity, and show their effectiveness against a targeted attack scenario in our experimental analysis. The results demonstrate that the proposed dynamic security metrics can capture different properties of MTD techniques, permitting a more fine-grained comparison and offering guidance for selecting the most effective MTD technique.
Original languageEnglish
Pages (from-to)33-52
JournalComputers & Security
Volume79
DOIs
Publication statusPublished - Nov 2018

Fingerprint

Elasticity
Topology
networking
flexibility
scenario
cause
software

Cite this

Hong, Jin Bum ; Enoch, Simon Yusuf ; Kim, Dong Seong ; Nhlabatsi, Armstrong ; Fetais, Noora ; Khan, Khaled M.D. / Dynamic security metrics for measuring the effectiveness of Moving Target Defense techniques. In: Computers & Security. 2018 ; Vol. 79. pp. 33-52.
@article{431dfd13b02e4a7e800a0829b4848ae8,
title = "Dynamic security metrics for measuring the effectiveness of Moving Target Defense techniques",
abstract = "Moving Target Defense (MTD) utilizes granularity, flexibility and elasticity properties of emerging networking technologies in order to continuously change the attack surface. There are many different MTD techniques proposed in the past decade to thwart cyberattacks. Due to the diverse range of different MTD techniques, it is of paramount importance to assess and compare their effectiveness. However, each technique causes distinct (dynamic) changes in the network, making an objective comparison difficult. In this paper, we incorporate MTD techniques into a temporal graph-based graphical security model, and develop a new set of dynamic security metrics to assess and compare their effectiveness. To this end, we first categorize and compare different attack and defense efforts. Second, we describe the temporal graph-based graphical security model to capture dynamic changes made by various MTD techniques in the network. We then develop a new set of security metrics for attack and defense efforts to evaluate the effectiveness of the MTD techniques. We implement two different MTD techniques, namely network topology shuffle and software diversity, and show their effectiveness against a targeted attack scenario in our experimental analysis. The results demonstrate that the proposed dynamic security metrics can capture different properties of MTD techniques, permitting a more fine-grained comparison and offering guidance for selecting the most effective MTD technique.",
author = "Hong, {Jin Bum} and Enoch, {Simon Yusuf} and Kim, {Dong Seong} and Armstrong Nhlabatsi and Noora Fetais and Khan, {Khaled M.D.}",
year = "2018",
month = "11",
doi = "10.1016/j.cose.2018.08.003",
language = "English",
volume = "79",
pages = "33--52",
journal = "Computers and Security",
issn = "0167-4048",
publisher = "Elsevier",

}

Dynamic security metrics for measuring the effectiveness of Moving Target Defense techniques. / Hong, Jin Bum; Enoch, Simon Yusuf; Kim, Dong Seong; Nhlabatsi, Armstrong; Fetais, Noora; Khan, Khaled M.D.

In: Computers & Security, Vol. 79, 11.2018, p. 33-52.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Dynamic security metrics for measuring the effectiveness of Moving Target Defense techniques

AU - Hong, Jin Bum

AU - Enoch, Simon Yusuf

AU - Kim, Dong Seong

AU - Nhlabatsi, Armstrong

AU - Fetais, Noora

AU - Khan, Khaled M.D.

PY - 2018/11

Y1 - 2018/11

N2 - Moving Target Defense (MTD) utilizes granularity, flexibility and elasticity properties of emerging networking technologies in order to continuously change the attack surface. There are many different MTD techniques proposed in the past decade to thwart cyberattacks. Due to the diverse range of different MTD techniques, it is of paramount importance to assess and compare their effectiveness. However, each technique causes distinct (dynamic) changes in the network, making an objective comparison difficult. In this paper, we incorporate MTD techniques into a temporal graph-based graphical security model, and develop a new set of dynamic security metrics to assess and compare their effectiveness. To this end, we first categorize and compare different attack and defense efforts. Second, we describe the temporal graph-based graphical security model to capture dynamic changes made by various MTD techniques in the network. We then develop a new set of security metrics for attack and defense efforts to evaluate the effectiveness of the MTD techniques. We implement two different MTD techniques, namely network topology shuffle and software diversity, and show their effectiveness against a targeted attack scenario in our experimental analysis. The results demonstrate that the proposed dynamic security metrics can capture different properties of MTD techniques, permitting a more fine-grained comparison and offering guidance for selecting the most effective MTD technique.

AB - Moving Target Defense (MTD) utilizes granularity, flexibility and elasticity properties of emerging networking technologies in order to continuously change the attack surface. There are many different MTD techniques proposed in the past decade to thwart cyberattacks. Due to the diverse range of different MTD techniques, it is of paramount importance to assess and compare their effectiveness. However, each technique causes distinct (dynamic) changes in the network, making an objective comparison difficult. In this paper, we incorporate MTD techniques into a temporal graph-based graphical security model, and develop a new set of dynamic security metrics to assess and compare their effectiveness. To this end, we first categorize and compare different attack and defense efforts. Second, we describe the temporal graph-based graphical security model to capture dynamic changes made by various MTD techniques in the network. We then develop a new set of security metrics for attack and defense efforts to evaluate the effectiveness of the MTD techniques. We implement two different MTD techniques, namely network topology shuffle and software diversity, and show their effectiveness against a targeted attack scenario in our experimental analysis. The results demonstrate that the proposed dynamic security metrics can capture different properties of MTD techniques, permitting a more fine-grained comparison and offering guidance for selecting the most effective MTD technique.

U2 - 10.1016/j.cose.2018.08.003

DO - 10.1016/j.cose.2018.08.003

M3 - Article

VL - 79

SP - 33

EP - 52

JO - Computers and Security

JF - Computers and Security

SN - 0167-4048

ER -