Moving target defense (MTD) is a promising proactive defense technique to enhance system or network security. One caveat in developing a time-based MTD-enabled system is the potential performance degradation caused by MTD operations being triggered periodically. In this work, we present stochastic models based on the deterministic stochastic Petri net (DSPN) formalism to assess the performance degradation introduced by periodic MTD operations. In addition, we demonstrate the effect of triggering a time-based MTD operation on performance degradation (e.g., jobs dropped or response time) and quality-of-service (QoS) of the system. We conducted a comparative performance analysis with five DSPN models implemented in software packages such as TimeNet and Mercury under five different system configuration scenarios. Our key findings from this study include the following: (1) the deployment of MTD with the switchover strategy can improve the performance of services; (2) the switchover strategy showed the best cost-effectiveness among all strategies considered in this work; and (3) the interval of triggering MTD operations had a modest impact on job completion probability.