Scalable Security Models for Assessing Effectiveness of Moving Target Defenses

Author

Hong, Jin B. ; Dong Seong Kim

Author_Institution

Comput. Sci. & Software Eng. Dept., Univ. of Canterbury, Christchurch, New Zealand

fYear

2014

fDate

23-26 June 2014

Firstpage

515

Lastpage

526

Abstract

Moving Target Defense (MTD) changes the attack surface of a system that confuses intruders to thwart attacks. Various MTD techniques are developed to enhance the security of a networked system, but the effectiveness of these techniques is not well assessed. Security models (e.g., Attack Graphs (AGs)) provide formal methods of assessing security, but modeling the MTD techniques in security models has not been studied. In this paper, we incorporate the MTD techniques in security modeling and analysis using a scalable security model, namely Hierarchical Attack Representation Models (HARMs), to assess the effectiveness of the MTD techniques. In addition, we use importance measures (IMs) for scalable security analysis and deploying the MTD techniques in an effective manner. The performance comparison between the HARM and the AG is given. Also, we compare the performance of using the IMs and the exhaustive search method in simulations.

Keywords

graph theory; security of data; HARMs; IMs; MTD; attack graphs; effectiveness assessment; exhaustive search method; hierarchical attack representation models; importance measures; moving target defenses; networked system security; scalable security models; security assessment; Analytical models; Computational modeling; Diversity methods; Internet; Linux; Measurement; Security; Attack Representation Model; Importance Measures; Moving Target Defense; Security Analysis; Security Modeling Techniques;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on

Conference_Location

Atlanta, GA

Type

conf

DOI

10.1109/DSN.2014.54

Filename

6903607