Effective security analysis for combinations of MTD techniques on cloud computing (short paper)

Hooman Alavizadeh, Dong Seong Kim, Jin B. Hong, Julian Jang-Jaccard

Research output: Chapter in Book/Conference paperConference paper

11 Citations (Scopus)

Abstract

Moving Target Defense (MTD) is an emerging security solution based on continuously changing attack surface thus makes it unpredictable for attackers. Cloud computing could leverage such MTD approaches to prevent its resources and services being compromised from an increasing number of attacks. Most of the existing MTD methods so far have focused on devising subtle strategies for attack surface mitigation, and only a few have evaluated the effectiveness of different MTD techniques deployed in systems. We conducted an in-depth study, based on realistic simulations done on a cloud environment, on the effects of security and reliability for three different MTD techniques: (i) Shuffle, (ii) Redundancy, and (iii) the combination of Shuffle and Redundancy. For comparisons, we use a formal scalable security model to analyse the effectiveness of the MTD techniques. Moreover, we adopt Network Centrality Measures to enhance the performance of security analysis to overcome the exponential computational complexity which is often seen in a large networked mode.

Original languageEnglish
Title of host publicationInformation Security Practice and Experience - 13th International Conference, ISPEC 2017, Proceedings
Place of PublicationGermany
PublisherSpringer-Verlag London Ltd.
Pages539-548
Number of pages10
ISBN (Print)9783319723587
DOIs
Publication statusPublished - 1 Jan 2017
Externally publishedYes
Event13th International Conference on Information Security Practice and Experience, ISPEC 2017 - Melbourne, Australia
Duration: 13 Dec 201715 Dec 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10701 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference13th International Conference on Information Security Practice and Experience, ISPEC 2017
CountryAustralia
CityMelbourne
Period13/12/1715/12/17

Fingerprint Dive into the research topics of 'Effective security analysis for combinations of MTD techniques on cloud computing (short paper)'. Together they form a unique fingerprint.

Cite this