Evaluation for Combination of Shuffle and Diversity on Moving Target Defense Strategy for Cloud Computing
作者: Hooman Alavizadeh , Julian Jang-Jaccard , Dong Seong Kim
DOI: 10.1109/TRUSTCOM/BIGDATASE.2018.00087
关键词:
摘要: Moving Target Defence (MTD) has been recently proposed and is an emerging proactive approach which provides asynchronous defensive strategies. Unlike traditional security solutions that focused on removing vulnerabilities, MTD makes a system dynamic unpredictable by continuously changing attack surface to confuse attackers. can be utilized in cloud computing address the cloud's security-related problems. There are many literature proposing methods various contexts, but it still lacks approaches evaluate effectiveness of method. In this paper, we combination Shuffle Diversity techniques investigate effects deploying these from two perspectives lying groups metrics (i) risk: providers' perspective (ii) cost return attack: attacker's point view. Moreover, utilize scalable Graphical Security Model (GSM) enhance analysis complexity. Finally, show combining improve both aforementioned while individual technique cannot.
uq.edu.au参考文章(22)
David Evans, Anh Nguyen-Tuong, John Knight, Effectiveness of Moving Target Defenses Moving Target Defense. pp. 29- 48 ,(2011) , 10.1007/978-1-4614-0977-9_2
Jin Bum Hong, Dong Seong Kim, HARMs: Hierarchical Attack Representation Models for Network Security Analysis australian information security management conference. pp. 74- 81 ,(2012) , 10.4225/75/57B559A3CD8DA
Ehab Al-Shaer, Toward Network Configuration Randomization for Moving Target Defense Moving Target Defense. pp. 153- 159 ,(2011) , 10.1007/978-1-4614-0977-9_9
Pratyusa K. Manadhata, Game Theoretic Approaches to Attack Surface Shifting Moving Target Defense. pp. 1- 13 ,(2013) , 10.1007/978-1-4614-5416-8_1
Boris Danev, Ramya Jayaram Masti, Ghassan O. Karame, Srdjan Capkun, Enabling secure VM-vTPM migration in private clouds annual computer security applications conference. pp. 187- 196 ,(2011) , 10.1145/2076732.2076759
Justin P. Rohrer, Abdul Jabbar, James P. G. Sterbenz, Path diversification for future internet end-to-end resilience and survivability Telecommunication Systems. ,vol. 56, pp. 49- 67 ,(2014) , 10.1007/S11235-013-9818-7
Wei Peng, Feng Li, Chin-Tser Huang, Xukai Zou, A moving-target defense strategy for Cloud-based services with heterogeneous and dynamic attack surfaces international conference on communications. pp. 804- 809 ,(2014) , 10.1109/ICC.2014.6883418
Quan Jia, Huangxin Wang, Dan Fleck, Fei Li, Angelos Stavrou, Walter Powell, Catch Me If You Can: A Cloud-Enabled DDoS Defense dependable systems and networks. pp. 264- 275 ,(2014) , 10.1109/DSN.2014.35
Shardul Vikram, Chao Yang, Guofei Gu, NOMAD: Towards non-intrusive moving-target defense against web bots communications and networking symposium. pp. 55- 63 ,(2013) , 10.1109/CNS.2013.6682692
Mohamed Azab, Riham Hassan, Mohamed Eltoweissy, ChameleonSoft: A moving target defense system collaborative computing. pp. 241- 250 ,(2011) , 10.4108/ICST.COLLABORATECOM.2011.247115