Effective security analysis for combinations of MTD techniques on cloud computing (short paper)

Hooman Alavizadeh, Dong Seong Kim, Jin B. Hong, Julian Jang-Jaccard

Research output: Chapter in Book/Conference paperConference paper

4 Citations (Scopus)

Abstract

Moving Target Defense (MTD) is an emerging security solution based on continuously changing attack surface thus makes it unpredictable for attackers. Cloud computing could leverage such MTD approaches to prevent its resources and services being compromised from an increasing number of attacks. Most of the existing MTD methods so far have focused on devising subtle strategies for attack surface mitigation, and only a few have evaluated the effectiveness of different MTD techniques deployed in systems. We conducted an in-depth study, based on realistic simulations done on a cloud environment, on the effects of security and reliability for three different MTD techniques: (i) Shuffle, (ii) Redundancy, and (iii) the combination of Shuffle and Redundancy. For comparisons, we use a formal scalable security model to analyse the effectiveness of the MTD techniques. Moreover, we adopt Network Centrality Measures to enhance the performance of security analysis to overcome the exponential computational complexity which is often seen in a large networked mode.

Original languageEnglish
Title of host publicationInformation Security Practice and Experience - 13th International Conference, ISPEC 2017, Proceedings
Place of PublicationGermany
PublisherSpringer-Verlag London Ltd.
Pages539-548
Number of pages10
ISBN (Print)9783319723587
DOIs
Publication statusPublished - 1 Jan 2017
Externally publishedYes
Event13th International Conference on Information Security Practice and Experience, ISPEC 2017 - Melbourne, Australia
Duration: 13 Dec 201715 Dec 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10701 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference13th International Conference on Information Security Practice and Experience, ISPEC 2017
CountryAustralia
CityMelbourne
Period13/12/1715/12/17

Fingerprint

Moving Target
Security Analysis
Cloud computing
Cloud Computing
Redundancy
Computational complexity
Shuffle
Attack
Security Model
Centrality
Leverage
Computational Complexity
Resources
Simulation

Cite this

Alavizadeh, H., Kim, D. S., Hong, J. B., & Jang-Jaccard, J. (2017). Effective security analysis for combinations of MTD techniques on cloud computing (short paper). In Information Security Practice and Experience - 13th International Conference, ISPEC 2017, Proceedings (pp. 539-548). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10701 LNCS). Germany: Springer-Verlag London Ltd.. https://doi.org/10.1007/978-3-319-72359-4_32
Alavizadeh, Hooman ; Kim, Dong Seong ; Hong, Jin B. ; Jang-Jaccard, Julian. / Effective security analysis for combinations of MTD techniques on cloud computing (short paper). Information Security Practice and Experience - 13th International Conference, ISPEC 2017, Proceedings. Germany : Springer-Verlag London Ltd., 2017. pp. 539-548 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{c532a7a0c3f342078edfa8976ff5948b,
title = "Effective security analysis for combinations of MTD techniques on cloud computing (short paper)",
abstract = "Moving Target Defense (MTD) is an emerging security solution based on continuously changing attack surface thus makes it unpredictable for attackers. Cloud computing could leverage such MTD approaches to prevent its resources and services being compromised from an increasing number of attacks. Most of the existing MTD methods so far have focused on devising subtle strategies for attack surface mitigation, and only a few have evaluated the effectiveness of different MTD techniques deployed in systems. We conducted an in-depth study, based on realistic simulations done on a cloud environment, on the effects of security and reliability for three different MTD techniques: (i) Shuffle, (ii) Redundancy, and (iii) the combination of Shuffle and Redundancy. For comparisons, we use a formal scalable security model to analyse the effectiveness of the MTD techniques. Moreover, we adopt Network Centrality Measures to enhance the performance of security analysis to overcome the exponential computational complexity which is often seen in a large networked mode.",
keywords = "Cloud computing, Graphical security models, Moving target defense, Security analysis",
author = "Hooman Alavizadeh and Kim, {Dong Seong} and Hong, {Jin B.} and Julian Jang-Jaccard",
year = "2017",
month = "1",
day = "1",
doi = "10.1007/978-3-319-72359-4_32",
language = "English",
isbn = "9783319723587",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer-Verlag London Ltd.",
pages = "539--548",
booktitle = "Information Security Practice and Experience - 13th International Conference, ISPEC 2017, Proceedings",
address = "Germany",

}

Alavizadeh, H, Kim, DS, Hong, JB & Jang-Jaccard, J 2017, Effective security analysis for combinations of MTD techniques on cloud computing (short paper). in Information Security Practice and Experience - 13th International Conference, ISPEC 2017, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10701 LNCS, Springer-Verlag London Ltd., Germany, pp. 539-548, 13th International Conference on Information Security Practice and Experience, ISPEC 2017, Melbourne, Australia, 13/12/17. https://doi.org/10.1007/978-3-319-72359-4_32

Effective security analysis for combinations of MTD techniques on cloud computing (short paper). / Alavizadeh, Hooman; Kim, Dong Seong; Hong, Jin B.; Jang-Jaccard, Julian.

Information Security Practice and Experience - 13th International Conference, ISPEC 2017, Proceedings. Germany : Springer-Verlag London Ltd., 2017. p. 539-548 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10701 LNCS).

Research output: Chapter in Book/Conference paperConference paper

TY - GEN

T1 - Effective security analysis for combinations of MTD techniques on cloud computing (short paper)

AU - Alavizadeh, Hooman

AU - Kim, Dong Seong

AU - Hong, Jin B.

AU - Jang-Jaccard, Julian

PY - 2017/1/1

Y1 - 2017/1/1

N2 - Moving Target Defense (MTD) is an emerging security solution based on continuously changing attack surface thus makes it unpredictable for attackers. Cloud computing could leverage such MTD approaches to prevent its resources and services being compromised from an increasing number of attacks. Most of the existing MTD methods so far have focused on devising subtle strategies for attack surface mitigation, and only a few have evaluated the effectiveness of different MTD techniques deployed in systems. We conducted an in-depth study, based on realistic simulations done on a cloud environment, on the effects of security and reliability for three different MTD techniques: (i) Shuffle, (ii) Redundancy, and (iii) the combination of Shuffle and Redundancy. For comparisons, we use a formal scalable security model to analyse the effectiveness of the MTD techniques. Moreover, we adopt Network Centrality Measures to enhance the performance of security analysis to overcome the exponential computational complexity which is often seen in a large networked mode.

AB - Moving Target Defense (MTD) is an emerging security solution based on continuously changing attack surface thus makes it unpredictable for attackers. Cloud computing could leverage such MTD approaches to prevent its resources and services being compromised from an increasing number of attacks. Most of the existing MTD methods so far have focused on devising subtle strategies for attack surface mitigation, and only a few have evaluated the effectiveness of different MTD techniques deployed in systems. We conducted an in-depth study, based on realistic simulations done on a cloud environment, on the effects of security and reliability for three different MTD techniques: (i) Shuffle, (ii) Redundancy, and (iii) the combination of Shuffle and Redundancy. For comparisons, we use a formal scalable security model to analyse the effectiveness of the MTD techniques. Moreover, we adopt Network Centrality Measures to enhance the performance of security analysis to overcome the exponential computational complexity which is often seen in a large networked mode.

KW - Cloud computing

KW - Graphical security models

KW - Moving target defense

KW - Security analysis

UR - http://www.scopus.com/inward/record.url?scp=85038098722&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-72359-4_32

DO - 10.1007/978-3-319-72359-4_32

M3 - Conference paper

SN - 9783319723587

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 539

EP - 548

BT - Information Security Practice and Experience - 13th International Conference, ISPEC 2017, Proceedings

PB - Springer-Verlag London Ltd.

CY - Germany

ER -

Alavizadeh H, Kim DS, Hong JB, Jang-Jaccard J. Effective security analysis for combinations of MTD techniques on cloud computing (short paper). In Information Security Practice and Experience - 13th International Conference, ISPEC 2017, Proceedings. Germany: Springer-Verlag London Ltd. 2017. p. 539-548. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-72359-4_32

Access to Document