Analysis on Diversity, Randomness, and Dynameicity

Abstract

As mentioned earlier, moving target defense (MTD) [1] adopts multiple security technologies featuring diversity, dynamicity, and randomness, aiming to change the passive cyber defense situation by greatly increasing the cost of attack and vulnerability exploitation through the deployment and operation of networks, platforms, systems, devices, and even components that are subject to apparent uncertainty and random dynamics. In fact, such basic defense methods or technical elements as diversity, randomness, redundancy, and dynamicity are not exclusively for MTD or certain security defense systems. They have been widely used in all aspects of the related fields, and the purpose is nothing but how to endow the target system with security attributes, such as diversity, randomness, and dynamicity, to build a survivable, recoverable, and fault-tolerant self-adaptive system in the harsh context of an elusive operating environment, asymmetrical threats, or uncertain failures. For example, the biodiversity mechanism in natural communities guarantees the stability of the ecosystems, while the dynamic multipath forwarding mechanism in communication networks guarantees the anti-interception of data transmission. Various encryption technologies are applying pseudo-random properties or methods, and the redundancy technology is a “talisman” in the field of reliability. This chapter will elaborate on the concepts, characteristics, and applications of diversity, randomness, and dynamicity technologies themselves and analyze the possible engineering challenges for introducing these underlying defense technologies into information systems, with an attempt to comb the ties among the three technologies and propose the relevant arguments.