The fantastic growth in cybersecurity attack frequency and sophistication over the years advances the development of Moving Target Defense (MTD) technology. Migration-based dynamic platform technique (DPT), one of MTD techniques, is expected to significantly improve cyberspace security by migrating service across multiple platforms according to the predefined policy. However, the existing random migration policies cause unnecessary cost when the service platform is not under attack, which indicates the necessity of combining DPT with traditional detection-based defense mechanism to make migration decision. In this paper, we propose a Continuous-Time Markov Decision Process (CTMDP)-based dynamic platform defense model against multi-stage attacks, which can determine the optimal service migration timing based on the system reward. To maximize the expected total discounted reward of the system, we utilize the value iteration algorithm to determine the optimal policy which defines what action to be taken in a specific state. Experiments are carried out to demonstrate that our CTMDP-based dynamic platform defense model obtains higher expected total discounted reward than using random migration policies. We also investigate the effects of platform numbers and discount factors on the system reward.
This is a preview of subscription content, access via your institution.
Buy single article
Instant access to the full article PDF.
Tax calculation will be finalised during checkout.
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
Tax calculation will be finalised during checkout.
Jajodia S, Ghosh AK, Swarup V, Wang C, Wang XS (eds) (2011) Moving target defense: creating asymmetric uncertainty for cyber threats, vol 54, Springer Science & Business Media
Okhravi H, Hobson T, Bigelow D, Streilein W (2013) Finding focus in the blur of moving-target techniques. IEEE Security & Privacy 12(2):16–26
Xu J, Guo P, Zhao M, Erbacher RF, Zhu M, Liu P (2014) Comparing different moving target defense techniques. In Proceedings of the First ACM Workshop on Moving Target. Defense:97–107
Chang X, Shi Y, Zhang Z, Xu Z, Trivedi K (2020) Job Completion Time under Migration-based Dynamic Platform Technique. IEEE Transactions on Services Computing. https://doi.org/10.1109/TSC.2020.2989215
Chen Z, Chang X, Han Z, Yang Y (2020) Numerical Evaluation of Job Finish Time Under MTD Environment. IEEE Access 8:11437–11446
Shin J, Choi SH, Liu P, Choi YH (2019) Unsupervised multi-stage attack detection framework without details on single-stage attacks. Future Generation Computer Systems 100:811–825
Zheng K, Meng H, Chatzimisios P, Lei L, Shen X (2015) An SMDP-based resource allocation in vehicular cloud computing systems. IEEE Transactions on Industrial Electronics 62(12):7920–7928
Peng, W., Li, F., Huang, C. T., & Zou, X. (2014). A moving-target defense strategy for cloud-based services with heterogeneous and dynamic attack surfaces. In 2014 IEEE International Conference on Communications (ICC) (pp. 804–809). IEEE
Nguyen, M., Samanta, P., & Debroy, S. (2018). Analyzing moving target defense for resilient campus private cloud. In 2018 IEEE 11th International Conference on Cloud Computing (CLOUD) (pp. 114–121). IEEE
Yang, R., Chang, X., Misic, J., Misic, V. B., Chen, Z., & Liu, B. (2019). Exploiting Dynamic Platform Protection Technique for Increasing Service MTTF. In 2019 IEEE Global Communications Conference (GLOBECOM) (pp. 1–6). IEEE
Okhravi, H., Riordan, J., & Carter, K. (2014). Quantitative evaluation of dynamic platform techniques as a defensive mechanism. In International Workshop on Recent Advances in Intrusion Detection (pp. 405–425). Springer, Cham
Nguyen, Q. L., & Sood, A. (2016). Improving Security Level via Velocity of Moving Target Defense. In 2016 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C) (pp. 418–419). IEEE
Qi, X., Shen, S., & Wang, Q. (2020). A Moving Target Defense Technology Based on SCIT. In 2020 International Conference on Computer Engineering and Application (ICCEA) (pp. 454–457). IEEE
Okhravi H, Comella A, Robinson E, Haines J (2012) Creating a cyber moving target for critical infrastructure applications using platform diversity. International Journal of Critical Infrastructure Protection 5(1):30–39
Tozer, B., Mazzuchi, T., & Sarkani, S. (2015). Optimizing attack surface and configuration diversity using multi-objective reinforcement learning. In 2015 ieee 14th international conference on machine learning and applications (icmla) (pp. 144–149). IEEE
Hu Z, Zhu M, Liu P (2017) Online algorithms for adaptive cyber defense on bayesian attack graphs. In Proceedings of the 2017 Workshop on moving target. defense:99–109
Zheng, J., & Namin, A. S. (2019). Enforcing Optimal Moving Target Defense Policies. In 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC) (Vol. 1, pp. 753–759). IEEE
Carter KM, Riordan JF, Okhravi H (2014) A game theoretic approach to strategy determination for dynamic platform defenses. In Proceedings of the first ACM workshop on moving target. defense:21–30
Maleki H, Valizadeh S, Koch W, Bestavros A, Van Dijk M (2016) Markov modeling of moving target defense games. In Proceedings of the 2016 ACM Workshop on Moving Target. Defense:81–92
Lei C, Ma DH, Zhang HQ (2017) Optimal strategy selection for moving target defense based on Markov game. IEEE Access 5:156–169
Tan JL, Lei C, Zhang HQ, Cheng YQ (2019) Optimal strategy selection approach to moving target defense based on Markov robust game. Computers & Security 85:63–76
Puterman, M. L. (2014). Markov decision processes: discrete stochastic dynamic programming. John Wiley & Sons
El Zant, B., & Gagnaire, M. (2015). Performance and price analysis for cloud service providers. In 2015 Science and Information Conference (SAI) (pp. 816–822). IEEE
Sourour D, Chen T, Feng Y, Wang G (2019) Platform Moving Target Defense Strategy Based on Trusted Dynamic Logical Heterogeneity System. In Proceedings of the 2019 International Conference on Artificial Intelligence and Computer. Science:643–648
Rodríguez, R. J., Chang, X., Li, X., & Trivedi, K. S. (2016). Survivability Analysis of a Computer System Under an Advanced Persistent Threat Attack. In International Workshop on Graphical Models for Security (pp. 134–149). Springer
This research of the first two authors was supported by the Fundamental Research Funds for the Central Universities of China under Grants 2020YJS045 and the National Natural Science Foundation of China under Grant No.U1836105. The work of J. Mišić and V. B. Mišić was supported by their respective NSERC Discovery Grants.
Conflict of interest
No potential conflict of interest was reported by the authors.
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
About this article
Cite this article
Zhang, Y., Chang, X., Mišić, J. et al. Cost-effective migration-based dynamic platform defense technique: a CTMDP approach. Peer-to-Peer Netw. Appl. (2021). https://doi.org/10.1007/s12083-021-01084-8
- Continuous-time Markov decision process
- Migration-based dynamic platform technique
- Moving target defense
- Multi-stage attacks