
A Quantitative Framework for Cyber Moving Target Defenses


Abstract

Moving Target Defenses (MTDs) are techniques used to defend computer networks that seek to delay or prevent attacks during any phase of the cyber kill chain by dynamically changing the makeup of the systems or network such that an effective attack cannot be planned or executed. There are a variety of methods available to implement MTDs, such as dynamically changing network addresses, memory addresses, user-level services, or even operating systems or data. These changes can take the form of changing signatures or outward appearance, or actual changes in network configuration or software.

Although many schemes are described in the literature, there is no universal method to measure their effectiveness. Likewise, there is very little uniformity in how the overhead of these techniques is measured, if it is even mentioned at all. These factors make it difficult, if not impossible, to effectively compare MTDs. Therefore, a quantification framework for MTDs is needed to properly compare MTDs or optimize their performance.

Additionally, many MTDs have a limited scope that usually only covers a subset of potential attack vectors with no single solution that offers protection in every scenario. Ideally, several techniques could be combined to provide defense-in-depth, but integration is often lacking and the lack of universal metrics for evaluating performance prevents us from assessing the combined impact of multiple techniques.

This work presents a framework for comparing different MTDs or the combined effects of a set of MTDs by calculating a utility value as a function of the impact the MTD has on the attacker's success rate or level of additional effort required. It also calculates a utility value as a function of the overhead. The weighted average of these utility values can then be used to compute an aggregate utility value. This model is then tested by several experiments that compare a variety of MTDs, observing their combined effect, and finding optimal settings for each MTD.

The proposed framework fulfills the need for a systematic approach to compare MTDs with one another despite their diversity and make an optimal selection of techniques for a given scenario. The framework may also be used to find an optimal combination of settings for those MTDs and adapt their settings for changing external conditions. The model is not only designed to accommodate existing MTD techniques, but can be extended to work with any future techniques that may appear. It may also guide future research efforts by identifying commonly-used MTDs for integration or potentially identify focus areas for MTD development to address common gaps in coverage.

To further support this concept, we also propose a quantitative analytic model for assessing the resource availability and performance of MTDs, and a method for determining the reconfiguration rate that maximizes a utility function that incorporates the tradeoffs between the attacker's success probability and response time. This model may be used to evaluate an individual MTD or used in conjunction with the MTD quantification framework. The analytic results are validated by simulation and experimentation.

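Bibliographic record

  • Author: Connell, Warren J.
  • Author affiliation: George Mason University
  • Degree-granting institution: George Mason University
  • Subject: Information technology; Computer science
  • Degree: Ph.D.
  • Year: 2017
  • Pages: 123 p.
  • Total pages: 123
  • Original format: PDF
  • Language of text: eng
  • Chinese Library Classification:
  • Keywords:
  • Date added to database: 2022-08-17 11:39:06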
