
A Survey of Moving Target Defenses for Network Security (1905.00964v2)

Published 2 May 2019 in cs.CR and cs.NI

Abstract: Network defenses based on traditional tools, techniques, and procedures fail to account for the attacker's inherent advantage present due to the static nature of network services and configurations. To take away this asymmetric advantage, Moving Target Defense (MTD) continuously shifts the configuration of the underlying system, in turn reducing the success rate of cyberattacks. In this survey, we analyze the recent advancements made in the development of MTDs and define categorizations that capture the key aspects of such defenses. We first categorize these defenses into different sub-classes depending on what they move, when they move and how they move. In trying to answer the latter question, we showcase how the use of domain knowledge and game-theoretic modeling can help the defender come up with effective and efficient movement strategies. Second, to understand the practicality of these defense methods, we discuss how various MTDs have been implemented and find that networking technologies such as Software Defined Networking and Network Function Virtualization act as key enablers for implementing these dynamic defenses. We then briefly highlight MTD test-beds and case-studies to aid readers who want to examine or deploy existing MTD techniques. Third, our survey categorizes proposed MTDs based on the qualitative and quantitative metrics they utilize to evaluate their effectiveness in terms of security and performance. We use well-defined metrics such as risk analysis and performance costs for qualitative evaluation and metrics based on Confidentiality, Integrity, Availability (CIA), attack representation, QoS impact, and targeted threat models for quantitative evaluation. Finally, we show that our categorization of MTDs is effective in identifying novel research areas and highlight directions for future research.

Citations (160)

Summary

  • The paper surveys and categorizes Moving Target Defense (MTD) strategies for network security, defining them by what, when, and how configurations move.
  • It details MTD implementation utilizing technologies like SDN/NFV and outlines qualitative/quantitative metrics for evaluating security effectiveness and performance impacts.
  • The survey highlights challenges like hybridizing surface movements and identifies future research into scalable deployment and better evaluation metrics.

A Survey of Moving Target Defenses for Network Security

The paper "A Survey of Moving Target Defenses for Network Security" by Sengupta et al. provides a comprehensive overview of the landscape of Moving Target Defense (MTD) strategies in network security. The primary goal of MTD is to disrupt the asymmetric advantage that attackers hold due to the static nature of network configurations. The survey meticulously categorizes and analyzes contemporary developments in MTD techniques, offering a structured framework for understanding defense mechanisms that continuously alter system configurations.

Definition and Categorization

The paper begins by clearly defining MTD using three critical parameters: what to move, when to move, and how to move. The configuration set (what to move) includes the exploration, attack, detection, and prevention surfaces of a system. The timing function (when to move) can be constant or variable, highlighting different strategies for timing the switch in configurations. The movement strategy (how to move) often involves implementing stochastic or game-theoretic models to guide decision-making in response to potential threats.

The defense mechanisms are categorized according to their focus, such as:

  • Exploration Surface Shifting: Techniques to mislead attackers during reconnaissance, making system behavior unpredictable with tools such as Random Host Mutation.
  • Attack Surface Shifting: Techniques designed to make specific attacks inapplicable by changing the available configurations, such as varying software stacks.
  • Detection and Prevention Surface Shifting: Techniques that move detection mechanisms and response strategies to minimize the impact on system performance while increasing uncertainty for attackers.
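
The what/when/how definition above can be made concrete with a small model. The following is an added example, not code from the paper: it treats three software stacks as the configuration set, compares a uniform random movement strategy with a game-theoretic (minimax) one computed by multiplicative weights, and draws a movement schedule with a constant or variable period. The stack names, attack labels and impact scores are constructed assumptions.

```python
import math
import random

# Constructed toy model: stack names, attack labels and impact scores are assumptions.
CONFIGS = ["php+mysql", "python+mysql", "python+postgres"]   # what to move
# IMPACT[attack][i] = attacker payoff if CONFIGS[i] is live when the attack lands
IMPACT = {
    "php-only":          [8, 0, 0],
    "python+mysql-only": [0, 4, 0],
    "postgres-only":     [0, 0, 2],
    "any-mysql":         [3, 3, 0],
}

def worst_case(strategy):
    """Expected impact of the attacker's best attack against a mixed strategy."""
    return max(sum(p * x for p, x in zip(strategy, row)) for row in IMPACT.values())

def minimax_strategy(rounds=20000):
    """How to move: Hedge (multiplicative weights) vs. a best-responding attacker."""
    n = len(CONFIGS)
    scale = max(max(row) for row in IMPACT.values())   # normalise losses to [0, 1]
    eta = math.sqrt(8 * math.log(n) / rounds)
    cum = [0.0] * n      # cumulative scaled loss of each configuration
    acc = [0.0] * n      # sum of the distributions played so far
    for _ in range(rounds):
        base = min(cum)  # shift exponents for numerical stability
        w = [math.exp(-eta * (c - base)) for c in cum]
        p = [x / sum(w) for x in w]
        row = max(IMPACT.values(), key=lambda r: sum(a * b for a, b in zip(p, r)))
        cum = [c + x / scale for c, x in zip(cum, row)]
        acc = [a + b for a, b in zip(acc, p)]
    return [a / rounds for a in acc]   # average play approximates the minimax mix

def schedule(strategy, horizon, period, jitter=0.0, seed=0):
    """When to move: constant period if jitter == 0, variable if 0 < jitter < period."""
    # Seeded for reproducibility; a deployment would draw from random.SystemRandom.
    rng, t, plan = random.Random(seed), 0.0, []
    while t < horizon:
        plan.append((round(t, 2), rng.choices(CONFIGS, weights=strategy)[0]))
        t += period + rng.uniform(-jitter, jitter)
    return plan

if __name__ == "__main__":
    uniform = [1 / len(CONFIGS)] * len(CONFIGS)
    tuned = minimax_strategy()
    print("uniform worst case:", round(worst_case(uniform), 3))
    print("minimax worst case:", round(worst_case(tuned), 3), [round(p, 2) for p in tuned])
    print(schedule(tuned, horizon=60, period=10, jitter=3))
```

In this toy game, uniform movement leaves the attacker a best expected impact of 8/3, while the tuned mix approaches the game's value of 1.2 by spending less time on the configuration exposed to the highest-impact attack.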

Implementation and Evaluation

The authors explore practical implementations of MTDs, emphasizing the utility of Software Defined Networking (SDN) and Network Functions Virtualization (NFV). These technologies facilitate dynamic configuration changes crucial for MTD deployment. The paper reviews a range of implementations from academic testbeds to commercial products, assessing their maturity levels from simulation-based experiments to real-world industrial applications.

In terms of evaluation, the survey highlights key qualitative and quantitative metrics necessary for assessing MTD effectiveness. Qualitative metrics are discussed in terms of security and performance impacts on both individual configurations and the overall ensemble. The paper underlines the importance of considering both security gains and usability costs, such as latency and availability, in determining the MTD impact on performance.

Implications and Future Research Directions

While MTD strategies have shown promise in increasing the security of network configurations by introducing unpredictability, the paper also points out several open research directions. A significant area for future exploration is the hybridization of surface movements, which could potentially offer enhanced security solutions but comes with the challenge of ensuring compatibility and cost efficiency.

The paper suggests further research into scalable deployment of MTD strategies and comprehensive modeling of attacker behavior, particularly Advanced Persistent Threats (APTs), to optimize defense mechanisms. It encourages the development of new metrics for balanced evaluation of security efficacy and performance trade-offs, alongside an investigation into how MTD implementation might inadvertently introduce new attack surfaces.

In conclusion, this survey provides a structured understanding of MTD approaches and highlights the importance of continuous research to address the challenges posed by dynamic and sophisticated attack vectors in cybersecurity.