Cost-effective migration-based dynamic platform defense technique: a CTMDP approach

Abstract

The rapid growth in the frequency and sophistication of cybersecurity attacks over the years has driven the development of Moving Target Defense (MTD) technology. The migration-based dynamic platform technique (DPT), one of the MTD techniques, is expected to significantly improve cyberspace security by migrating a service across multiple platforms according to a predefined policy. However, existing random migration policies incur unnecessary cost when the service platform is not under attack, which indicates the need to combine DPT with traditional detection-based defense mechanisms when making migration decisions. In this paper, we propose a Continuous-Time Markov Decision Process (CTMDP)-based dynamic platform defense model against multi-stage attacks, which can determine the optimal service migration timing based on the system reward. To maximize the expected total discounted reward of the system, we use the value iteration algorithm to determine the optimal policy, which defines what action is to be taken in each specific state. Experiments demonstrate that our CTMDP-based dynamic platform defense model obtains a higher expected total discounted reward than random migration policies. We also investigate the effects of the number of platforms and the discount factor on the system reward.
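The approach summarized in the abstract can be illustrated with a toy discounted CTMDP solved by value iteration after uniformization. This is an added example, not code or parameters from the paper: the four attack-stage states, all rates, rewards and costs are constructed assumptions, and the attack-blind "always migrate" baseline is a constructed stand-in for a policy that ignores detection.

```python
# Toy CTMDP for migration timing. All states, rates and rewards are constructed
# for illustration; they are not the model or parameters from the paper.
STATES = ["clean", "probed", "foothold", "compromised"]   # detected attack stage
ACTIONS = ["stay", "migrate"]
ALPHA = 0.1            # continuous-time discount rate
ATTACK_RATE = {0: 0.5, 1: 1.0, 2: 2.0}   # stage s -> s+1 while staying
MIGRATE_RATE = 2.0     # migration completes at this rate, landing on a clean platform
SERVICE_REWARD, BREACH_LOSS, MIGRATE_COST = 10.0, -50.0, 4.0  # per unit time

def rates(s, a):
    """Transition rates q(j | s, a) as {next_state: rate}."""
    if a == "migrate":
        return {0: MIGRATE_RATE}
    return {s + 1: ATTACK_RATE[s]} if s in ATTACK_RATE else {}

def reward_rate(s, a):
    base = BREACH_LOSS if s == 3 else SERVICE_REWARD
    return base - (MIGRATE_COST if a == "migrate" else 0.0)

def q_value(s, a, v, lam):
    """Uniformized one-step value: sojourn reward plus discounted next-state value."""
    q = rates(s, a)
    nxt = sum(rate / lam * v[j] for j, rate in q.items())
    nxt += (1.0 - sum(q.values()) / lam) * v[s]          # fictitious self-loop
    return (reward_rate(s, a) + lam * nxt) / (ALPHA + lam)

def solve(fixed_policy=None, tol=1e-9):
    """Value iteration; with fixed_policy it evaluates that policy instead."""
    lam = max(MIGRATE_RATE, *ATTACK_RATE.values())       # uniformization constant
    v = [0.0] * len(STATES)
    while True:
        choices = [[fixed_policy[s]] if fixed_policy else ACTIONS
                   for s in range(len(STATES))]
        new = [max(q_value(s, a, v, lam) for a in choices[s])
               for s in range(len(STATES))]
        done = max(abs(x - y) for x, y in zip(new, v)) < tol
        v = new
        if done:
            policy = [max(choices[s], key=lambda a: q_value(s, a, v, lam))
                      for s in range(len(STATES))]
            return v, policy

if __name__ == "__main__":
    v_opt, pi = solve()
    v_always, _ = solve(fixed_policy=["migrate"] * 4)
    print(dict(zip(STATES, pi)), round(v_opt[0], 2), round(v_always[0], 2))
```

With these constructed numbers the computed policy waits in the two earliest stages and migrates only once the attack has progressed, and its discounted reward from the clean state exceeds that of migrating regardless of attack state.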

Data availability

Not applicable.

Funding

The research of the first two authors was supported by the Fundamental Research Funds for the Central Universities of China under Grant 2020YJS045 and the National Natural Science Foundation of China under Grant No. U1836105. The work of J. Mišić and V. B. Mišić was supported by their respective NSERC Discovery Grants.

Author information

Corresponding author

Correspondence to Xiaolin Chang.

Ethics declarations

Conflict of interest

No potential conflict of interest was reported by the authors.

Code availability

Not applicable.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Cite this article

Zhang, Y., Chang, X., Mišić, J. et al. Cost-effective migration-based dynamic platform defense technique: a CTMDP approach. Peer-to-Peer Netw. Appl. (2021). https://doi.org/10.1007/s12083-021-01084-8

Keywords

  • Continuous-time Markov decision process
  • Migration-based dynamic platform technique
  • Moving target defense
  • Multi-stage attacks