Optimal temporospatial strategy selection approach to moving target defense: A FlipIt differential game model

Abstract

Decision-making on defense against moving targets largely focuses on selection of spatial strategies, which can lack consideration of optimal defense timing, lack comprehensive defense effectiveness, and affect the execution of a defense strategy. Current selection methods for defense timing are based on the decision-making model of a discrete time series structure, and they present problems such as inadequate real-time performance for continuous decision-making. Based on the dynamic temporospatial confrontation characteristics of network attack and defense, this paper proposes an improved moving target defense model based on the multidimensional transition of exploration-attack-detection surfaces, analyzes the characteristics of attack-defense games for moving target defense (MTD) and temporospatial strategies, and describes the characteristics of stealth interaction based on the FlipIt MTD system security state evolution. We use the game to analyze continuous network attack-defense processes to build an MTD temporospatial decision-making model. We quantify the attacker's and defender's utilities, design a saddle-point strategy solution, and develop an optimal temporospatial defense strategy selection algorithm. We use application examples and numerical analysis results to show that the model and algorithm are accurate and effective.