Abstract
A Moving Target Defense (MTD)-enabled system is one which can dynamically and rapidly change its properties and code such that the attackers do not have sufficient time to exploit it. Although a variety of MTD systems have been proposed, few work has focused on assessing the relative cost-effectiven
Highlights
In the history of arms-race between attackers and defenders, the game setting has always favored the attackers
We present a detailed case study on evaluating a specific Moving Target Defense (MTD) category called software diversification with evaluation results, which validates the effectiveness of our proposed evaluation framework
We first evaluate three software diversification algorithms in terms of our general evaluation metrics including survivability, unpredictability, movability, and stability, which builds a foundation for our Analytic Hierarchy Process (AHP) procedure
Summary
In the history of arms-race between attackers and defenders, the game setting has always favored the attackers. Rather than leaving the system properties and code static and persistent long enough for an attacker to exploit vulnerabilities, a MTD-enabled system would rapidly change its properties and code such that the attackers do not have sufficient time to study, search, and further to exploit. We propose an assessment framework for systematically evaluating and comparing the security strengthes and costs of multiple MTD-based approaches. We present a detailed case study on evaluating a specific MTD category called software diversification with evaluation results, which validates the effectiveness of our proposed evaluation framework.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
