Game theoretic analysis for the mechanism of moving target defense

Article

Abstract

Moving target defense (MTD) is a novel way to alter the asymmetric situation of attacks and defenses, and a lot of MTD studies have been carried out recently. However, relevant analysis for the defense mechanism of the MTD technology is still absent. In this paper, we analyze the defense mechanism of MTD technology in two dimensions. First, we present a new defense model named MP2R to describe the proactivity and effect of MTD technology intuitively. Second, we use the incomplete information dynamic game theory to verify the proactivity and effect of MTD technology. Specifically, we model the interaction between a defender who equips a server with different types of MTD techniques and a visitor who can be a user or an attacker, and analyze the equilibria and their conditions for these models. Then, we take an existing incomplete information dynamic game model for traditional defense and its equilibrium result as baseline for comparison, to validate the proactivity and effect of MTD technology. We also identify the factors that will influence the proactivity and effectiveness of the MTD approaches. This work gives theoretical support for understanding the defense process and defense mechanism of MTD technology and provides suggestions to improve the effectiveness of MTD approaches.

Key words

Network security Moving target defense (MTD) Defense mechanism Defense model Game theory 

CLC number

TP393 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Al-Shaer, E., Duan, Q., Jafarian, J.H., 2013. Random host mutation for moving target defense. Int. Conf. on Security and Privacy in Communication Systems, p.310–327. https://doi.org/10.1007/978-3-642-36883-7_19Google Scholar
  2. Azab, M., Hassan, R., Eltoweissy, M., 2011. ChameleonSoft: a moving target defense system. 7th Int. Conf. on Collaborative Computing: Networking, Applications and Worksharing, p.241–250. https://doi.org/10.4108/icst.collaboratecom.2011.247115Google Scholar
  3. Cai, G., Wang, B., Hu, W., et al., 2016a. Moving target defense: state of the art and characteristics. Front. Inform. Technol. Electron. Eng., 17(11):1122–1153. https://doi.org/10.1631/FITEE.1601321CrossRefGoogle Scholar
  4. Cai, G., Wang, B., Luo, Y., et al., 2016b. Characterizing the running patterns of moving target defense mechanisms. 18th Int. Conf. on Advanced Communication Technology, p.191–196. https://doi.org/10.1109/ICACT.2016.7423324Google Scholar
  5. Carroll, T., Grosu, D., 2011. A game theoretic investigation of deception in network security. Secur. Commun. Netw., 4(10):1162–1172. https://doi.org/10.1002/sec.242CrossRefGoogle Scholar
  6. Carroll, T., Crouse, M., Fulp, E., et al., 2014. Analysis of network address shuffling as a moving target defense. IEEE Int. Conf. on Communications, p.701–706. https://doi.org/10.1109/ICC.2014.6883401Google Scholar
  7. Carter, K., Riordan, J., Okhravi, H., 2014. A game theoretic approach to strategy determination for dynamic platform defenses. 1st ACM Workshop on Moving Target Defense, p.21–30. https://doi.org/10.1145/2663474.2663478Google Scholar
  8. Carvalho, M., Bradshaw, J., Bunch, L., et al., 2012. Command and control requirements for moving-target defense. IEEE Intell. Syst., 27(3):79–85. https://doi.org/10.1109/MIS.2012.45CrossRefGoogle Scholar
  9. Colbaugh, R., Glass, K., 2012. Predictability-oriented defense against adaptive adversaries. IEEE Int. Conf. on Systems, Man, and Cybernetics, p.2721–2727. https://doi.org/10.1109/ICSMC.2012.6378159Google Scholar
  10. Hobson, T., Okhravi, H., Bigelow, D., et al., 2014. On the challenges of effective movement. 1st ACM Workshop on Moving Target Defense, p.41–50. https://doi.org/10.1145/2663474.2663480Google Scholar
  11. Huang, Y., Ghosh, A., 2011. Introducing diversity and uncertainty to create moving attack surfaces for web services. In: Jajodia, S., Ghosh, A., Swarup, V., et al. (Eds.), Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Springer New York, New York, p.131–151. https://doi.org/10.1007/978-1-4614-0977-9_8CrossRefGoogle Scholar
  12. Jajodia, S., Ghosh, A., Swarup, V., et al., 2011. Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Springer Science & Business Media.CrossRefGoogle Scholar
  13. Jia, C., Zhong, A., Zhang, W., et al., 2006. Incomplete informational and dynamic game model in network security. J. Comput. Res. Dev., 43(Suppl.):530–533 (in Chinese).Google Scholar
  14. Liu, C., Zhang, Y., Chen, R., 2011. Research on dynamic model for network security based on artificial immunity. Int. J. Knowl. Lang. Process., 2(3):21–35.Google Scholar
  15. Lye, K.W., Wing, J., 2005. Game strategies in network security. Int. J. Inform. Secur., 4(1–2): 71–86. https://doi.org/10.1007/s10207-004-0060-xCrossRefGoogle Scholar
  16. Manadhata, P., 2013. Game theoretic approaches to attack surface shifting. In: Jajodia, S., Ghosh, A., Subrahmanian, V., et al. (Eds.), Moving Target Defense II: Application of Game Theory and Adversarial Modeling. Springer New York, New York, p.1–13. https://doi.org/10.1007/978-1-4614-5416-8_1Google Scholar
  17. Manshaei, M., Zhu, Q., Alpcan, T., et al., 2013. Game theory meets network security and privacy. ACM Comput. Surv., 45(3):25. https://doi.org/10.1145/2480741.2480742CrossRefMATHGoogle Scholar
  18. Moody, W.C., Hu, H., Apon, A., 2014. Defensive maneuver cyber platform modeling with stochastic Petri Nets. Int. Conf. on Collaborative Computing: Networking, Applications and Worksharing, p.531–538. https://doi.org/10.4108/icst.collaboratecom.2014.257559Google Scholar
  19. NITRD, 2009. National Cyber Leap Year Summit 2009. Co-chairs’ Report. https://www.nitrd.gov/fileupload/files/National_Cyber_Leap_Year_Summit_2009_CoChairs_Report.pdfGoogle Scholar
  20. NITRD, 2010. NITRD CSIA IWG Cybersecurity Game-Change Research and Development Recommendations. https://www.nitrd.gov/cybersecurity/Google Scholar
  21. Okhravi, H., Hobson, T., Bigelow, D., et al., 2014. Finding focus in the blur of moving-target techniques. IEEE Secur. Priv., 12(2):16–26. https://doi.org/10.1109/MSP.2013.137CrossRefGoogle Scholar
  22. Prakash, A., Wellman, M., 2015. Empirical game-theoretic analysis for moving target defense. 2nd ACM Workshop on Moving Target Defense, p.57–65. https://doi.org/10.1145/2808475.2808483CrossRefGoogle Scholar
  23. Shi, L., Jia, C., Lu, S., 2007. DoS evading mechanism upon service hopping. IFIP Int. Conf. on Network and Parallel Computing Workshops, p.119–122. https://doi.org/10.1109/NPC.2007.59Google Scholar
  24. Shi, L., Jia, C., Lv, S., 2009. A game theoretic analysis of service hopping mechanism for DoS defense. J. Electron. Inform. Techn., 31(1):228–232 (in Chinese).Google Scholar
  25. Urias, V.E., Stout, W.M.S., Loverro, C., 2015. Computer network deception as a moving target defense. Int. Carnahan Conf. on Security Technology, p.1–6. https://doi.org/10.1109/CCST.2015.7389665Google Scholar
  26. Vadlamudi, S., Sengupta, S., Kambhampati, S., et al., 2016. Moving target defense for web applications using Bayesian Stackelberg games. arXiv:1602.07024.Google Scholar
  27. Winterrose, M.L., Carter, K.M., 2014. Strategic evolution of adversaries against temporal platform diversity active cyber defenses. Proc. Symp. on Agent Directed Simulation, p.9.Google Scholar
  28. Winterrose, M.L., Carter, K.M., Wagner, N., et al., 2014. Adaptive attacker strategy development against moving target cyber defenses. arXiv:1407.8540.Google Scholar
  29. Zhu, Q., Başar, T., 2013. Game-theoretic approach to feedback-driven multi-stage moving target defense. LNCS, 8252:246–263. https://doi.org/10.1007/978-3-319-02786-9_15MATHGoogle Scholar
  30. Zhuang, R., DeLoach, S., Ou, X., 2014. Towards a theory of moving target defense. 1st ACM Workshop on Moving Target Defense, p.31–40. https://doi.org/10.1145/2663474.2663479Google Scholar

Copyright information

© Zhejiang University and Springer-Verlag GmbH Germany, part of Springer Nature 2017

Authors and Affiliations

  1. 1.College of ComputerNational University of Defense TechnologyChangshaChina

Personalised recommendations