scholarly journals Ghost-MTD: Moving Target Defense via Protocol Mutation for Mission-Critical Cloud Systems

Energies ◽  
2020 ◽  
Vol 13 (8) ◽  
pp. 1883
Author(s):  
Jun-Gyu Park ◽  
Yangjae Lee ◽  
Ki-Wan Kang ◽  
Sang-Hoon Lee ◽  
Ki-Woong Park
Keyword(s):  
Cyber Security ◽  
System Analysis ◽  
Communication Protocols ◽  
Target System ◽  
Moving Target ◽  
Security Technology ◽  
Moving Target Defense ◽  
Security Technologies ◽  
Potential Target ◽  
System Properties

Research on various security technologies has been actively underway to protect systems from attackers. However, attackers can secure enough time to reconnoiter and attack the target system owing to its static nature. This develops asymmetric warfare in which attackers outwit defenders. Moving target defense (MTD) technologies, which obfuscate the attack surface by modifying the main properties of the potential target system, have been gaining attention as an active cyber security technology. Particularly, network-based MTD (NMTD) technologies, which dynamically mutate the network configuration information, such as IP and ports of the potential target system, can dramatically increase the time required for an attacker to analyze the system. Therefore, this system defense technology has been actively researched. However, increasing the analysis complexity of the target system is limited in conventional NMTD because the variation of system properties (e.g., IP, port) that can be mutated is restricted by the system configuration environment. Therefore, there is a need for an MTD technique that effectively delays an attacker during the system analysis by increasing the variation of system properties. Additionally, in terms of practicality, minimizing the computational overhead arising by the MTD technology and solving the compatibility problem with existing communication protocols are critical issues that cannot be overlooked. In this study, we propose a technology called Ghost-MTD (gMTD). gMTD allows only the user who is aware of protocol mutation patterns to correctly communicate with the service modules of the server system through protocol mutation using the pre-shared one-time bit sequence. Otherwise, gMTD deceives the attackers who attempt to infiltrate the system by redirecting their messages to a decoy-hole module. The experimental results show that the proposed technology enables protocol mutation and validation with a very low performance overhead of only 3.28% to 4.97% using an m-bit (m ≥ 4) length one-time bit sequence and can be applied to real systems regardless of the specific communication protocols.

scholarly journals Moving Target Defense Based on Adaptive Forwarding Path Migration for Securing the SCADA Network

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Yifan Hu ◽  
Peng Xun ◽  
Peidong Zhu ◽  
Wenjie Kang ◽  
Yinqiao Xiong ◽  
...  
Keyword(s):  
Smart Grids ◽  
Network Performance ◽  
Target System ◽  
Moving Target ◽  
Moving Target Defense ◽  
Dynamic Switching ◽  
Scada System ◽  
Attack Surface ◽  
Capacity Matrix ◽  
Attack And Defense

Static characteristics of supervisory control and data acquisition (SCADA) system are often exploited to perform malicious activities on smart grids. Most of the time, the success of cyberattacks begins with the profiling of the target system and follows by the analysis of the limited resources. To alleviate the asymmetry between attack and defense, network-based moving target defense (MTD) techniques have been applied in the network system to defend against cyberattacks by constructing a dynamic attack surface to the adversary. In this paper, we propose a novel MTD technique based on adaptive forwarding path migration (AFPM) that focuses on improving the defense capability and optimizing the network performance of path mutation. Considering the transient problems present in path mutation caused by the dynamic switching of the forwarding path, we formalize the mutation constraints based on the satisfiability modulo theory (SMT) to select the mutation path. Considering the limited defense capability of path mutation owing to the traditional mutation selection mechanism, we design the mutation path generation algorithm based on the network security capacity matrix to obtain an optimal combination of mutation path and mutation period. Finally, we compare and analyze various cyber defense techniques used in the SCADA network and demonstrate experimentally that our MTD technique can prevent more than 92% of passive monitoring under specified conditions while ensuring the quality of service (QoS) to be almost the same as the static network.

TOTP Moving Target Defense for sensitive network services

2021 ◽  
pp. 101412
Author(s):  
Vitor A. Cunha ◽  
Daniel Corujo ◽  
Joao P. Barraca ◽  
Rui L. Aguiar
Keyword(s):  
Network Services ◽  
Moving Target ◽  
Moving Target Defense

scholarly journals On Event-Triggered Implementation of Moving Target Defense Control

2020 ◽  
Vol 53 (2) ◽  
pp. 3539-3544
Author(s):  
Tua A. Tamba ◽  
Bin Hu ◽  
Yul Y. Nazaruddin
Keyword(s):  
Moving Target ◽  
Moving Target Defense ◽  
Event Triggered
Sign in / Sign up

Export Citation Format

Share Document