Scalable security models for assessing effectiveness of moving target defenses

Jin B. Hong, Dong Seong Kim

Research output: Chapter in Book/Conference paperConference paper

9 Citations (Scopus)

Abstract

Moving Target Defense (MTD) changes the attack surface of a system that confuses intruders to thwart attacks. Various MTD techniques are developed to enhance the security of a networked system, but the effectiveness of these techniques is not well assessed. Security models (e.g., Attack Graphs (AGs)) provide formal methods of assessing security, but modeling the MTD techniques in security models has not been studied. In this paper, we incorporate the MTD techniques in security modeling and analysis using a scalable security model, namely Hierarchical Attack Representation Models (HARMs), to assess the effectiveness of the MTD techniques. In addition, we use importance measures (IMs) for scalable security analysis and deploying the MTD techniques in an effective manner. The performance comparison between the HARM and the AG is given. Also, we compare the performance of using the IMs and the exhaustive search method in simulations.

Original languageEnglish
Title of host publicationProceedings of the International Conference on Dependable Systems and Networks
Place of PublicationUnited States
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages515-526
Number of pages12
ISBN (Electronic)9781479922338
DOIs
Publication statusPublished - 18 Sep 2014
Externally publishedYes
Event44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014 - Atlanta, United States
Duration: 23 Jun 201426 Jun 2014

Conference

Conference44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014
CountryUnited States
CityAtlanta
Period23/06/1426/06/14

Fingerprint

Formal methods

Cite this

Hong, J. B., & Kim, D. S. (2014). Scalable security models for assessing effectiveness of moving target defenses. In Proceedings of the International Conference on Dependable Systems and Networks (pp. 515-526). [6903607] United States: IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/DSN.2014.54
Hong, Jin B. ; Kim, Dong Seong. / Scalable security models for assessing effectiveness of moving target defenses. Proceedings of the International Conference on Dependable Systems and Networks. United States : IEEE, Institute of Electrical and Electronics Engineers, 2014. pp. 515-526
@inproceedings{ca9f5da3d3824b87954fb96290c00c64,
title = "Scalable security models for assessing effectiveness of moving target defenses",
abstract = "Moving Target Defense (MTD) changes the attack surface of a system that confuses intruders to thwart attacks. Various MTD techniques are developed to enhance the security of a networked system, but the effectiveness of these techniques is not well assessed. Security models (e.g., Attack Graphs (AGs)) provide formal methods of assessing security, but modeling the MTD techniques in security models has not been studied. In this paper, we incorporate the MTD techniques in security modeling and analysis using a scalable security model, namely Hierarchical Attack Representation Models (HARMs), to assess the effectiveness of the MTD techniques. In addition, we use importance measures (IMs) for scalable security analysis and deploying the MTD techniques in an effective manner. The performance comparison between the HARM and the AG is given. Also, we compare the performance of using the IMs and the exhaustive search method in simulations.",
keywords = "Attack Representation Model, Importance Measures, Moving Target Defense, Security Analysis, Security Modeling Techniques",
author = "Hong, {Jin B.} and Kim, {Dong Seong}",
year = "2014",
month = "9",
day = "18",
doi = "10.1109/DSN.2014.54",
language = "English",
pages = "515--526",
booktitle = "Proceedings of the International Conference on Dependable Systems and Networks",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States",

}

Hong, JB & Kim, DS 2014, Scalable security models for assessing effectiveness of moving target defenses. in Proceedings of the International Conference on Dependable Systems and Networks., 6903607, IEEE, Institute of Electrical and Electronics Engineers, United States, pp. 515-526, 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014, Atlanta, United States, 23/06/14. https://doi.org/10.1109/DSN.2014.54

Scalable security models for assessing effectiveness of moving target defenses. / Hong, Jin B.; Kim, Dong Seong.

Proceedings of the International Conference on Dependable Systems and Networks. United States : IEEE, Institute of Electrical and Electronics Engineers, 2014. p. 515-526 6903607.

Research output: Chapter in Book/Conference paperConference paper

TY - GEN

T1 - Scalable security models for assessing effectiveness of moving target defenses

AU - Hong, Jin B.

AU - Kim, Dong Seong

PY - 2014/9/18

Y1 - 2014/9/18

N2 - Moving Target Defense (MTD) changes the attack surface of a system that confuses intruders to thwart attacks. Various MTD techniques are developed to enhance the security of a networked system, but the effectiveness of these techniques is not well assessed. Security models (e.g., Attack Graphs (AGs)) provide formal methods of assessing security, but modeling the MTD techniques in security models has not been studied. In this paper, we incorporate the MTD techniques in security modeling and analysis using a scalable security model, namely Hierarchical Attack Representation Models (HARMs), to assess the effectiveness of the MTD techniques. In addition, we use importance measures (IMs) for scalable security analysis and deploying the MTD techniques in an effective manner. The performance comparison between the HARM and the AG is given. Also, we compare the performance of using the IMs and the exhaustive search method in simulations.

AB - Moving Target Defense (MTD) changes the attack surface of a system that confuses intruders to thwart attacks. Various MTD techniques are developed to enhance the security of a networked system, but the effectiveness of these techniques is not well assessed. Security models (e.g., Attack Graphs (AGs)) provide formal methods of assessing security, but modeling the MTD techniques in security models has not been studied. In this paper, we incorporate the MTD techniques in security modeling and analysis using a scalable security model, namely Hierarchical Attack Representation Models (HARMs), to assess the effectiveness of the MTD techniques. In addition, we use importance measures (IMs) for scalable security analysis and deploying the MTD techniques in an effective manner. The performance comparison between the HARM and the AG is given. Also, we compare the performance of using the IMs and the exhaustive search method in simulations.

KW - Attack Representation Model

KW - Importance Measures

KW - Moving Target Defense

KW - Security Analysis

KW - Security Modeling Techniques

UR - http://www.scopus.com/inward/record.url?scp=84912058027&partnerID=8YFLogxK

U2 - 10.1109/DSN.2014.54

DO - 10.1109/DSN.2014.54

M3 - Conference paper

SP - 515

EP - 526

BT - Proceedings of the International Conference on Dependable Systems and Networks

PB - IEEE, Institute of Electrical and Electronics Engineers

CY - United States

ER -

Hong JB, Kim DS. Scalable security models for assessing effectiveness of moving target defenses. In Proceedings of the International Conference on Dependable Systems and Networks. United States: IEEE, Institute of Electrical and Electronics Engineers. 2014. p. 515-526. 6903607 https://doi.org/10.1109/DSN.2014.54