| Title | Security and Availability Modeling of VM Migration as Moving Target Defense |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Torquato, Matheus, Maciel, Paulo, Vieira, Marco |
| Conference Name | 2020 IEEE 25th Pacific Rim International Symposium on Dependable Computing (PRDC) |
| Keywords | Availability, cloud computing, Computational modeling, Dynamic platform technique, Measurement, moving target defense, Petri nets, probability of attack success, pubcrawl, Random access memory, resilience, Resiliency, scheduling, security, Stochastic Computing Security, Stochastic processes, VM migration |
| Abstract | Moving Target Defense (MTD) is a defensive mechanism based on dynamic system reconfiguration to prevent or thwart cyberattacks. In the last years, considerable progress has been made regarding MTD approaches for virtualized environments, and Virtual Machine (VM) migration is the core of most of these approaches. However, VM migration produces system downtime, meaning that each MTD reconfiguration affects system availability. Therefore, a method for a combined evaluation of availability and security is of utmost importance for VM migration-based MTD design. In this paper, we propose a Stochastic Reward Net (SRN) for the probability of attack success and availability evaluation of an MTD based on VM migration scheduling. We study the MTD system under different conditions regarding 1) VM migration scheduling, 2) VM migration failure probability, and 3) attack success rate. Our results highlight the tradeoff between availability and security when applying MTD based on VM migration. The approach and results may provide inputs for designing and evaluating MTD policies based on VM migration. |
| DOI | 10.1109/PRDC50213.2020.00016 |
| Citation Key | torquato_security_2020 |
Security and Availability Modeling of VM Migration as Moving Target Defense