TY - GEN
T1 - Effective security analysis for combinations of MTD techniques on cloud computing (short paper)
AU - Alavizadeh, Hooman
AU - Kim, Dong Seong
AU - Hong, Jin B.
AU - Jang-Jaccard, Julian
PY - 2017/1/1
Y1 - 2017/1/1
N2 - Moving Target Defense (MTD) is an emerging security solution based on continuously changing attack surface thus makes it unpredictable for attackers. Cloud computing could leverage such MTD approaches to prevent its resources and services being compromised from an increasing number of attacks. Most of the existing MTD methods so far have focused on devising subtle strategies for attack surface mitigation, and only a few have evaluated the effectiveness of different MTD techniques deployed in systems. We conducted an in-depth study, based on realistic simulations done on a cloud environment, on the effects of security and reliability for three different MTD techniques: (i) Shuffle, (ii) Redundancy, and (iii) the combination of Shuffle and Redundancy. For comparisons, we use a formal scalable security model to analyse the effectiveness of the MTD techniques. Moreover, we adopt Network Centrality Measures to enhance the performance of security analysis to overcome the exponential computational complexity which is often seen in a large networked mode.
AB - Moving Target Defense (MTD) is an emerging security solution based on continuously changing attack surface thus makes it unpredictable for attackers. Cloud computing could leverage such MTD approaches to prevent its resources and services being compromised from an increasing number of attacks. Most of the existing MTD methods so far have focused on devising subtle strategies for attack surface mitigation, and only a few have evaluated the effectiveness of different MTD techniques deployed in systems. We conducted an in-depth study, based on realistic simulations done on a cloud environment, on the effects of security and reliability for three different MTD techniques: (i) Shuffle, (ii) Redundancy, and (iii) the combination of Shuffle and Redundancy. For comparisons, we use a formal scalable security model to analyse the effectiveness of the MTD techniques. Moreover, we adopt Network Centrality Measures to enhance the performance of security analysis to overcome the exponential computational complexity which is often seen in a large networked mode.
KW - Cloud computing
KW - Graphical security models
KW - Moving target defense
KW - Security analysis
UR - http://www.scopus.com/inward/record.url?scp=85038098722&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-72359-4_32
DO - 10.1007/978-3-319-72359-4_32
M3 - Conference paper
AN - SCOPUS:85038098722
SN - 9783319723587
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 539
EP - 548
BT - Information Security Practice and Experience - 13th International Conference, ISPEC 2017, Proceedings
PB - Springer-Verlag London Ltd.
CY - Germany
T2 - 13th International Conference on Information Security Practice and Experience, ISPEC 2017
Y2 - 13 December 2017 through 15 December 2017
ER -