To evaluate the effectiveness of moving network defense, this paper presents the host security state deduce graph construction algorithm in moving network defense environment. The host security state transition model is constructed, the quantitative effectiveness evaluation method is proposed for moving network defense based on host state transition probability, and a useful reference is provided for the design of moving network defense policy. Finally, feasibility and effectiveness of the proposed model and method are illustrated and verified in a representative network example.
刘江,张红旗,杨英杰,王义功. 基于主机安全状态迁移模型的动态网络防御有效性评估[J]. 电子与信息学报, 2017, 39(3): 509-517.
LIU Jiang, ZHANG Hongqi, YANG Yingjie, WANG Yigong. Effectiveness Evaluation of Moving Network Defense Based on Host Security State Transition Model. JEIT, 2017, 39(3): 509-517.
PRAKASH A and WELLMAN M P. Empirical game-theoretic analysis for moving target defense[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 57-65.
[2]
ZHUANG Rui, BARDAS A G, DELOACH S A, et al. A theory of cyber attacks: a step towards analyzing MTD systems[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 11-20.
[3]
GREEN M, MACFARLAND D C, SMESTAD D R, et al. Characterizing network-based moving target defenses[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 31-35.
[4]
JAFARIAN J H, AL-SHAER E, and QI Duan. An effective address mutation approach for disrupting reconnaissance attacks[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(12): 2562-2577. doi: 10.1109/TIFS.2015. 2467358.
[5]
EVANS D, NGUYEN-TUONG A, and KNIGHT J. Effectiveness of Moving Target Defenses[M]. New York: Moving Target Defense I: Creating Asymmetric Uncertainty for Cyber Threats, Springer, 2011: 29-48.
[6]
MANADHATA P K. Game Theoretic Approaches to Attack Surface Shifting[M]. New York: Moving Target Defense II: Application of Game Theory and Adversarial Modeling, Springer, 2013: 1-13.
[7]
ZHUANG Rui, ZHANG Su, DELOACH S A, et al. Simulation-based approaches to studying effectiveness of moving target network defense[C]. In National Symposium on Moving Target Research, Annapolis, MD, USA, 2012: 21-26.
[8]
OKHRAVI H, RIORDAN J, and CARTER K. Quantitative Evaluation of Dynamic Platform Techniques as a Defensive Mechanism[M]. New York: Research in Attacks, Intrusions and Defenses, Springer, 2014: 405-425.
[9]
ZHUANG Rui, DELOACH S A, and OU Xinming. A model for analyzing the effect of moving target defenses on enterprise networks[C]. Procee dings of the 9th Annual Cyber and Information Security Research Conference, Tennessee, USA, 2014: 73-76.
[10]
HAN Yujuan, LU Wenlian, and XU Shouhuai. Characterizing the power of moving target defense via cyber epidemic dynamics[C]. Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, Raleigh, NC, USA, 2014: 23-33.
[11]
CARROLL T E, CROUSE M, FULP E W, et al. Analysis of
network address shuffling as a moving target defense[C]. 2014 IEEE International Conference on Communications, Sydney, Australia, 2014: 701-706.
[12]
HONG J B and KIM D S. Assessing the effectiveness of moving target defenses using security models[J]. IEEE Transactions on Dependable and Secure Computing, 2015, 13(2): 163-177. doi: 10.1109/TDSC.2015.2443790.
JIANG Wei, FANG Binxing, TIAN Zhihong, et al. Evaluating network security and optimal active defense based on attack-defense game model[J]. Chinese Journal of Computers, 2009, 32(4): 817-827. doi: 10.3724/SP.J.1016. 2009.00817.
[14]
VAN LEEUWEN B, STOUT W, and URIAS V. Operational cost of deploying moving target defenses defensive work factors[C]. 2015 IEEE Military Communications Conference, Tampa, FL, USA, 2015: 966-971.
[15]
ZAFFARANO K, TAYLOR J, and HAMILTON S. A quantitative framework for moving target defense effectiveness evaluation[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 3-10.
[16]
SHEYNER O, HAINES J, JHA S, et al. Automated generation and analysis of attack graphs[C]. Proceedings of 2002 IEEE Symposium on Security and Privacy, California, USA, 2002: 273-284.
[17]
YACKOSKI J, BULLEN H, YU Xiang, et al. Applying Self-shielding Dynamics to the Network Architecture[M]. New York: Moving Target Defense II: Application of Game Theory and Adversarial Modeling, Springer, 2013: 97-115.