Biblio

Moving Target Defense (MTD) has been emerged as a promising countermeasure to defend systems against cyberattacks asymmetrically while working well with legacy security and defense mechanisms. MTD provides proactive security services by dynamically altering attack surfaces and increasing attack cost or complexity to prevent further escalation of the attack. However, one of the non-trivial hurdles in deploying MTD techniques is how to handle potential performance degradation (e.g., interruptions of service availability) and maintain acceptable quality-of-service (QoS) in an MTD-enabled system. In this paper, we derive the service performance metrics (e.g., an extent of failed jobs) to measure how much performance degradation is introduced due to MTD operations, and propose QoS-aware service strategies (i.e., drop and wait) to manage ongoing jobs with the minimum performance degradation even under MTD operations running. We evaluate the service performance of software-defined networking (SDN)-based web services (i.e., Apache web servers). Our experimental results prove that the MTD-enabled system can minimize performance degradation by using the proposed job management strategies. The proposed strategies aim to optimize a specific service configuration (e.g., types of jobs and request rates) and effectively minimize the adverse impact of deploying MTD in the system with acceptable QoS while retaining the security effect of IP shuffling-based MTD.

Due to the constrained resource and computational limitation of many Internet of Things (IoT) devices, conventional security protections, which require high computational overhead are not suitable to be deployed. Thus, vulnerable IoT devices could be easily exploited by attackers to break into networks. In this paper, we employ cyber deception and moving target defense (MTD) techniques to proactively change the network topology with both real and decoy nodes with the support of software-defined networking (SDN) technology and investigate the impact of single-target and multi-target attacks on the effectiveness of the integrated mechanism via a hierarchical graphical security model with security metrics. We also implement a web-based visualization interface to show topology changes with highlighted attack paths. Finally, the qualitative security analysis is performed for a small-scale and SDN-supported IoT network with different combinations of decoy types and levels of attack intelligence. Simulation results show the integrated defense mechanism can introduce longer mean-time-to-security-failure and larger attack impact under the multi-target attack, compared with the single-target attack model. In addition, adaptive shuffling has better performance than fixed interval shuffling in terms of a higher proportion of decoy paths, longer mean-time-to-security-failure and largely reduced defense cost.

Moving target defense (MTD) is a proactive defense mechanism of changing the attack surface to increase an attacker's confusion and/or uncertainty, which invalidates its intelligence gained through reconnaissance and/or network scanning attacks. In this work, we propose software-defined networking (SDN)-based MTD technique using the shuffling of IP addresses and port numbers aiming to obfuscate both network and transport layers' real identities of the host and the service for defending against the network reconnaissance and scanning attacks. We call our proposed MTD technique Random Host and Service Multiplexing, namely RHSM. RHSM allows each host to use random, multiple virtual IP addresses to be dynamically and periodically shuffled. In addition, it uses short-lived, multiple virtual port numbers for an active service running on the host. Our proposed RHSM is novel in that we employ multiplexing (or de-multiplexing) to dynamically change and remap from all the virtual IPs of the host to the real IP or the virtual ports of the services to the real port, respectively. Via extensive simulation experiments, we prove how effectively and efficiently RHSM outperforms a baseline counterpart (i.e., a static network without RHSM) in terms of the attack success probability and defense cost.

With the interconnection of services and customers, network attacks are capable of large amounts of damage. Flexible Random Virtual IP Multiplexing (FRVM) is a Moving Target Defence (MTD) technique that protects against reconnaissance and access with address mutation and multiplexing. Security techniques must be trusted, however, FRVM, along with past MTD techniques, have gaps in realistic evaluation and thorough analysis of security and performance. FRVM, and two comparison techniques, were deployed on a virtualised network to demonstrate FRVM's security and performance trade-offs. The key results include the security and performance trade-offs of address multiplexing and address mutation. The security benefit of IP address multiplexing is much greater than its performance overhead, deployed on top of address mutation. Frequent address mutation significantly increases an attackers' network scan durations as well as effectively obfuscating and hiding network configurations.

Software Defined Networking (SDN) provides new functionalities to efficiently manage the network traffic, which can be used to enhance the networking capabilities to support the growing communication demands today. But at the same time, it introduces new attack vectors that can be exploited by attackers. Hence, evaluating and selecting countermeasures to optimize the security of the SDN is of paramount importance. However, one should also take into account the trade-off between security and performance of the SDN. In this paper, we present a security optimization approach for the SDN taking into account the trade-off between security and performance. We evaluate the security of the SDN using graphical security models and metrics, and use queuing models to measure the performance of the SDN. Further, we use Genetic Algorithms, namely NSGA-II, to optimally select the countermeasure with performance and security constraints. Our experimental analysis results show that the proposed approach can efficiently compute the countermeasures that will optimize the security of the SDN while satisfying the performance constraints.

It is important to assess the cost benefits of IT security investments. Typically, this is done by manual risk assessment process. In this paper, we propose an approach to automate this using graphical security models (GSMs). GSMs have been used to assess the security of networked systems using various security metrics. Most of the existing GSMs assumed that networks are static, however, modern networks (e.g., Cloud and Software Defined Networking) are dynamic with changes. Thus, it is important to develop an approach that takes into account the dynamic aspects of networks. To this end, we automate security investments analysis of dynamic networks using a GSM named Temporal-Hierarchical Attack Representation Model (T-HARM) in order to automatically evaluate the security investments and their effectiveness for a given period of time. We demonstrate our approach via simulations.

Emerging networking technologies, such as cloud and Software Defined Networking, provide flexibility, elasticity and functionalities to change the network configurations over time. However, changes also impose unpredictable security postures at different times, creating difficulties to the security assessment of the network. To address this issue, we propose a stateless security risk assessment, which combines the security posture of network states at different times to provide an overall security overview. This paper describes the methodologies of the stateless security risk assessment. Our approach is applicable to any emerging networking technologies with dynamic changes.

Cloud Data Center (CDC) security remains a major challenge for business organizations and takes an important concern with research works. The attacker purpose is to guarantee the service unavailability and maximize the financial loss costs. As a result, Distributed Denial of Service (DDoS) attacks have appeared as the most popular attack. The main aim of such attacks is to saturate and overload the system network through a massive data packets size flooding toward a victim server and to block the service to users. This paper provides a defending system in order to mitigate the Denial of Service (DoS) attack in CDC environment. Basically it outlines the different techniques of DoS attacks and its countermeasures by combining the filtering and detection mechanisms. We presented an analytical model based on queueing model to evaluate the impact of flooding attack on cloud environment regarding service availability and QoS performance. Consequently, we have plotted the response time, throughput, drop rate and resource computing utilization varying the attack arrival rate. We have used JMT (Java Modeling Tool) simulator to validate the analytical model. Our approach was appeared powerful for attacks mitigation in the cloud environment.