Probabilistic models for evaluating network edge's resistance against scan and foothold attack

Abstract

AbstractThe threat of Scan and Foothold Attack to the Network Edge (SFANE) is increasing, which greatly affects the application and development of edge computing network architecture. However, existing works focus on the implementation of specific technologies that resist the SFANE but ignore the effectiveness analysis of them. To overcome this limitation, this paper constructs probabilistic models for evaluating network edge's resistance against SFANE. In particular, the attacker models of the SFANE based on the ATT&CK model are first formalized. Afterward, according to the state‐of‐the‐art defense technologies, three different defense strategies are illustrated: no defense, address mutation, and fingerprint decoy. Subsequently, three different probabilistic models are constructed to provide a deeper analysis of the theoretical effect of these strategies on resisting the SFANE. Finally, the experimental results show that the actual defense effect of each strategy almost perfectly follows its probabilistic model.