International Journal on Data Science and Technology
Volume 4, Issue 3, September 2018, Pages: 84-92
Received: May 19, 2018;
Accepted: Jul. 1, 2018;
Published: Aug. 16, 2018
Views 926 Downloads 49
Tan Tiantian, Department of Computer, National University of Defense Technology, Changsha, China
Wang Baosheng, Department of Computer, National University of Defense Technology, Changsha, China
Wang XiaoFeng, Department of Computer, National University of Defense Technology, Changsha, China
Cai Guilin, Faculty of Crap, Crap 95942, Wuhan, China
Luo Yuebin, Department of Computer, National University of Defense Technology, Changsha, China
Xiang Zheng, Department of Network, Hunan Institute of Information Technology, Changsha, China
The concept of moving target defense (MTD) is an excellent solution proposed in USA to make the defender become dominant player while the defender is the disadvantage one in the game of defender and attacker. Focus on summarized the attack surface characteristic and functional connotation of moving target defense, according to the hierarchy in the execution stack, this paper classified and analyzed current moving target defense technologies into four categories, such as dynamic communication network, dynamic communication run-time environment, dynamic communication data and dynamic communication application, described the theory of every mechanism in each category, summarized the advantages and disadvantages of each mechanism. On the basis of the study of current mechanisms of moving target defense technologies, this paper designed a moving target defense system based on terminal information hopping and analyzed its anti-attack performance. The experiment result proven that system can effectively increase the time consumption and complexity of successful attack, and decrease successful attack rate by continually shifting the attack surface, our design greatly improved the strength of inactive defense. This study can provide the theoretical guidance for the design and implementation of muti-mechanisms moving target defense systems.
The New Progress of Motive Target Defense Technology, International Journal on Data Science and Technology.
Vol. 4, No. 3,
2018, pp. 84-92.
Gui-lin CAI, Bao-sheng WANG, et al. "Moving target defense: state of the art and characteristics," Frontiers of Information Technology & Electronic, vol. 17. 11, pp. 1122-1153, 2016.
Manadhata, Pratyusa K., and J. M. Wing. "An Attack Surface Metric,"IEEE Transactions on Software Engineering, vol. 37 (3), pp. 371-386, 2011.
Zhu Q, Ba§ar T. “Game-theoretic approach to feedback- driven multi-stage moving target defense,” Proceedings of the 4th International Conference on Decision and Game Theory for Security, Fort Worth, USA, pp. 246-263, 2013.
Wei P, Feng L, Chin-Tser H, et al. “A moving-target defense strategy for Cloud-based services with heterogeneous and dynamic attack surfaces,” Proceedings of IEEE International Conference on Communications, Sydney. Australia, 2014, pp. 804-809.
Zhuang R, Zhang S, Deloach S A, et al. “Simulation- based approaches to studying effectiveness of moving-target network defense,” National Symposiumon Moving Target Research, vol. 53. 39, pp. 15111-15126, 2013.
July. “Cybersecurity Progress after President Obama’ s Address,” The White House National Security Council, 2012.
NITRD CSIAIWG. “Cybersecurity Game-Change Research & Development Recommendations,” NITRD, 2010.
Cai G L, Wang B S, Luo Y B, et al. “Research and Development of moving target defense technology,” Journal of Computer Research and Development, vol. 53. 5, pp. 968¬987, 2016.
Manadhata P. “Game Theoretic Approaches to Attack Surface Shifting,” New York: Springer,, 2013, pp. 1-13.
Kewley D, Fink R, Lowry J, et al. “Dynamic approaches to thwart adversary intelligence gathering,” Proceedings of the DARPA Information Survivability Conference & Exposition II, Anaheim, USA, pp. 176-185, 2001.
Basam D, Ransbottom JS, Marchany RC, et al. “Strengthening MT6D defenses with LXC-based honeypot capabilities,” Electricaland Computer Enginering, vol. 2, pp. 12, 2016,
Jafarian J H, Al-Shaer E, Duan Q. “Adversary-aware IP address randomization for proactive agility against sophisticated attackers,” Proceedings of 2015 IEEE Conference on Computer Communications (INFOCOM), Hong Kong, China, pp. 738-746, 2015.
Jafar Haadi Jafarian, Al-Shaer E, Duan Q. “An effective address mutation approach for disrupting reconnaissance attacks,” IEEE Transactions of Information Forensics and Security, vol. 10(2), pp. 2562-2577, 2015.
Antonatos S, Akritidis P, Markatos E P, et al. “Defending against hitlist worms using network address space randomization,” Proceedings of the 2005 ACM Workshop on Rapid Malcode, Fairfax, USA, pp. 30-40, 2005.
Lee H C, Thing V LL.” Port hopping for resilient networks,” Proceedings of 2004 IEEE 60th Vehicular Technology Conference, Los Angeles, USA, pp. 3291 – 3295, 2004.
Badishi G, Herzberg A, Keidar I. “Keeping denial of service attackers in the dark,” IEEE Transactions on Dependable & Secure Computing, vol. 4(3), pp. 191-204, 2007.
Sifalakis M, Schmid S, Hutchison D. “Network address hopping: a mechanism to enhance data protection for packet communications,” Proceedings of IEEE International Conference on Communication, Beijing, China, pp. 1518-1523, 2005.
Atighetchi M, Pal P, Webber F, et al. “Adaptive use of network-centric mechanisms in cyber-defense,” Proceedings of IEEE International Symposium on Object-Oriented Real-Time Distributed Computing, Hokkaido, Japan, pp. 183-192, 2003.
Raytheon Company. “MORPHINATOR,” http://www.ray- theon.com+: Raytheon company, 2012.
Wendzel S. “Protocol hopping covert channels,” http:// www. wendzel. de/dr. org/files/Papers/protocolhopping _ MP_DE.pdf: Wendzel, 2008
Guang-jia SONG, and Zhen-zhou JI. "Anonymous-address-resolution model," Frontiers of Information Technology& Electronic Engineering, Vol. 17(10), pp. 1044-1055, 2016.
Mian CHENG, Jin-shu SU, and Jing XU. "Real-time pre-processing system with hardware accelerator for mobile core networks," Frontiers of Information Technology & Electronic Engineering, Vol. 18(11), pp. 1720-1731, 2017.
Peng JIANG, Qiaoyan WEN, et al. “An anonymous and efficient remote biometrics user authentication scheme in a multi-server environment,” Frontiers of Computer Science, vol. 9(1), pp. 142-156, 2015.
Yackoski J, Xie P, Bullen H, et al. “A self-sliielding dynamic network architecture,” Proceedings of the Military Communications Conference, New York, USA, 2011, pp. 1381-1386.
Clark A, Sun K, Poovendran R. “Effectiveness of IP address randomization in decoy-based moving target defense,” Proceedings of the Decision and Control, Florence, Italy, pp. 678-685, 2013.
Okhravi H, Comella A, Robinson E, et al. “Creating a cyber moving target for critical infrastructure applications using platform diversity,” International Journal of Critical Infrastructure Protection, vol. 5(1), pp. 30-39, 2012.
Bangalore A K, Sood A K. “Securing web servers using self cleansing intrusion tolerance,” Proceedings of the International Conference on Dependability, Brunow, Poland, pp. 60-65, 2009.
Huang Y, Ghosh A. “Introducing Diversity and Uncertainty to Create Moving Attack Surfaces for Web Services,” New York: Springer, vol. 54, pp. 131-151, 2011.
Kc G S, Keromytis A D, Prevelakis V. “Countering code injection attacks with instruction-set randomization,” Proceedings of ACM Conference on Computer and Communications Security, Washington, USA, pp. 272-280, 2003.
Lucas B, Fulp E W, John D J, et al. “An initial framework for evolving computer configurations as a moving target defense,” Proceedings of the Cyber and Information Security Research Conference, New York, USA, pp. 69-72, 2014.
John D J, Smith R W, Turkett W H, et al. “Evolutionary based moving target cyber defense,” Proceedings of the Companion Publication of the 2014 Annual Conference on Genetic and Evolutionary Computation, Vancouver, Canada, pp. 1261-1268, 2014.
Jackson T, Salamat B, Homescu A, et al. “Compiler-generated software diversity,” Advances in Information Security, vol. 54, pp. 77-98, 2011.
Christodorescu M, Fredrikson M, Jha S, et al. “End-to-End Software Diversification of Internet Services,” New York:Springer, 2011, vol. 54, pp. 117-130.
Goues C, Nguyen-Tuong A, Chen H, et al. “Moving Target Defenses in the Helix Self-Regenerative Architecture,” NewYork:Springer, 2013, vol. 100, pp. 117-149.
Ma J, Dunagan J, Wang H J, et al. “Finding diversity in remote code injection exploits,” Proceedings of the 6th ACM SIGCOMM Conference on Internet measurement, Riode Janeriro, Brazil, pp. 53-64, 2006.
Bhatkar S, Sekar R. “Data space randomization,” Proceedings of the 5th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Paris, France, pp. 1-22, 2008.
Cowan C, Beattie S, Johansen J, et al. “PointGuard™: protecting pointers from buffer overflow vulnerabilities,” Proceedings of the 12th Conference on USENIX Security Symposium, Washington, USA, pp. 7-12, 2003.
Rinard M C, Cadar C, Dumitran D, et al. “A dynamic technique for eliminating buffer overflow vulnerabilities,” Proceedings of the 20th Annual Computer Security Applications Conference, Tucson, USA, pp. 82-90, 2004.
Bhatkar S, DuVarney D C, Sekar R. “Address obfuscation:an efficient approach to combat a broad range of memory error exploits,” Proceedings of the Conference on USENIX Security Symposium, Berkeley, USA, pp. 105-120, 2003.