A Survey of Moving Target Defenses for Network Security release_6i3uibpforc4vndap7sbnxml5m

by Sailik Sengupta, Ankur Chowdhary, Abdulhakim Sabur, Dijiang Huang, Adel Alshamrani, Subbarao Kambhampati

Released as a article .

2019  

Abstract

Network defense techniques based on traditional tools, techniques, and procedures fail to account for the attacker's inherent advantage present due to the static nature of network services and configurations. Moving Target Defense (MTD), on the other hand, provides an intelligent countermeasure by dynamically re-configuring the underlying systems, thereby reducing the effectiveness of cyber attacks. In this survey, we analyze the recent advancements made in the development of MTDs and highlight how these defenses can be made more effective with the use of artificial intelligence techniques for decision making. We first define a unified formal notation for MTDs that can capture different aspects of such defenses. We then categorize these defenses into different sub-classes depending on how they answer the three questions -- what to move, when to move and how to move -- showcasing how game-theoretic strategies can effectively answer the latter question. To understand the usefulness of these defense methods, we study the implementation of such MTD techniques. We find that new networking technologies such as Software Defined Networking and Network Function Virtualization provide effective means for implementing these dynamic defense methods. To encourage researchers and industry experts in using such defenses, we highlight industry use-cases and discuss the practicality and maturity of these defenses. To aid readers who want to test or deploy MTD techniques, we highlight existing MTD test-beds. Our survey then performs both a qualitative and quantitative analysis to better understand the effectiveness of these MTDs in terms of security and performance. To that extent, we use well-defined metrics for measuring performance costs and security impacts of the surveyed MTDs. Finally, we conclude by summarizing research opportunities that our survey elucidates.
In text/plain format

Archived Files and Locations

application/pdf  1.3 MB
file_ucsq7iu33zaybp4ujymzavhh7m
arxiv.org (repository)
web.archive.org (webarchive)
Read Archived PDF
Preserved and Accessible
Type  article
Stage   submitted
Date   2019-05-02
Version   v1
Language   en ?
arXiv  1905.00964v1
Work Entity
access all versions, variants, and formats of this works (eg, pre-prints)
Catalog Record
Revision: e93ed659-73ea-4281-9582-0c8cf04f04a8
API URL: JSON