Abstract

The centralized control characteristics of software-defined networks (SDNs) make them susceptible to advanced persistent threats (APTs). Moving target defense, as an effective defense means, is constantly developing. It is difficult to effectively characterize an MTD attack and defense game with existing game models and effectively select the defense timing to balance SDN service quality and MTD decision-making benefits. From the hidden confrontation between the actual attack and defense sides, existing attack-defense scenarios are abstractly characterized and analyzed. Based on the APT attack process of the Cyber Kill Chain (CKC), a state transition model of the MTD attack surface based on the susceptible-infective-recuperative-malfunctioned (SIRM) infectious disease model is defined. An MTD attack-defense timing decision model based on the FlipIt game (FG-MTD) is constructed, which expands the static analysis in the traditional game to a dynamic continuous process. The Nash equilibrium of the proposed method is analyzed, and the optimal timing selection algorithm of the MTD is designed to provide decision support for the selection of MTD timing under moderate security. Finally, the application model is used to verify the model and method. Through numerical analysis, the timings of different types of attack-defense strategies are summarized.

Highlights

  • With the continuous development of cyberattacks, such as advanced persistent threats (APTs), cybersecurity faces significant challenges [1]. The software-defined network (SDN), as a next-generation network system, is vulnerable to a variety of security threats [2].

  • Moving target defense (MTD) timing research has an important focus with application significance, in which the timing problem is integrated and systematic. The work of this paper mainly focuses on the MTD timing strategy.

  • The decision-making problem of MTD timing based on game theory is still in its infancy. There are still many limitations in terms of the theoretical basis, game model, and equilibrium solution.


Summary

Introduction

With the continuous development of cyberattacks, such as advanced persistent threats (APTs), cybersecurity faces significant challenges [1]. The software-defined network (SDN), as a next-generation network system, is vulnerable to a variety of security threats [2]. This paper is mainly concerned with analyzing the optimal equilibrium point of attack-defense timing strategies in the framework of the FlipIt game to guide the MTD defender on how to trigger the timing of the implementation. The MTD attack and defense process is described as the transformation of the attack surface state, which provides state-variable support for the MTD timing selection model construction and game analysis. In response to information feedback during the game, to fit real network attack and defense scenarios, the MTD timing selection model-based FlipIt game is described from the perspective of incomplete information. As ∀t ∈ [t0, T], SAS(t) + IAS(t) + RAS(t) + MAS(t) = AAS, the differential equations of the MTD network attack surface state transition based on the SIRM infectious disease model are expressed as. The above differential equations describe the rate of change of the SAS, IAS, RAS, and MAS with time, which provides state variables for the construction of the FG-MTD model, where α is the probability of changing from a SAS to an IAS, β is the probability of transforming from an IAS to a RAS, λ is the probability of transforming from an IAS to a MAS, and μ is the probability of transforming from an IAS to a RAS.
