Quantitative Analysis of Network Address Randomization's Security Effectiveness

Submitted by grigby1 on Fri, 05/15/2020 - 10:57am

Title	Quantitative Analysis of Network Address Randomization's Security Effectiveness
Publication Type	Conference Paper
Year of Publication	2018
Authors	Wang, Shaolei, Zhou, Ying, Li, Yaowei, Guo, Ronghua, Du, Jiawei
Conference Name	2018 IEEE 18th International Conference on Communication Technology (ICCT)
Date Published	oct
ISBN Number	978-1-5386-7635-6
Keywords	Analytical models, Complexity theory, computer network security, Fingerprint recognition, general attacks, moving target defensee, network address randomization, network address randomization techniques, Network Address Translation, Network reconnaissance, pubcrawl, quantitative analysis, quantitative security effectiveness analysis, random processes, randomization frequency, randomization space, Reconnaissance, resilience, Resiliency, Scalability, security effectiveness analysis, static network address, statistical analysis
Abstract	The quantitative security effectiveness analysis is a difficult problem for the research of network address randomization techniques. In this paper, a system model and an attack model are proposed based on general attacks' attack processes and network address randomization's technical principle. Based on the models, the network address randomization's security effectiveness is quantitatively analyzed from the perspective of the attacker's attack time and attack cost in both static network address and network address randomization cases. The results of the analysis show that the security effectiveness of network address randomization is determined by the randomization frequency, the randomization space, the states of hosts in the target network, and the capabilities of the attacker.
URL	https://ieeexplore.ieee.org/document/8600181
DOI	10.1109/ICCT.2018.8600181
Citation Key	wang_quantitative_2018

Groups:

Science of Security VO