首页> 外文期刊>IEEE transactions on dependable and secure computing >Assessing the Effectiveness of Moving Target Defenses Using Security Models
【24h】

Assessing the Effectiveness of Moving Target Defenses Using Security Models

机译:使用安全模型评估移动目标防御的有效性

获取原文
获取原文并翻译 | 示例

摘要

Cyber crime is a developing concern, where criminals are targeting valuable assets and critical infrastructures within networked systems, causing a severe socio-economic impact on enterprises and individuals. Adopting moving target defense (MTD) helps thwart cyber attacks by continuously changing the attack surface. There are numerous MTD techniques proposed in various domains (e.g., virtualized network, wireless sensor network), but there is still a lack of methods to assess and compare the effectiveness of them. Security models, such as an attack graph (AG), provide a formal method of analyzing the security, but incorporating MTD techniques in those security models has not been studied. In this paper, we incorporate MTD techniques into a security model, namely a hierarchical attack representation model (HARM), to assess the effectiveness of them. In addition, we use importance measures (IMs) for deploying MTD techniques to enhance the scalability. Finally, we compare the scalability of AG and HARM when deploying MTD techniques, as well as changes in performance and security in our experiments.
机译:网络犯罪是一个日益严重的问题,犯罪分子将目标对准网络系统中的宝贵资产和关键基础设施,从而对企业和个人造成严重的社会经济影响。采用移动目标防御(MTD)可通过不断更改攻击面来阻止网络攻击。在各个领域(例如,虚拟化网络,无线传感器网络)中提出了许多MTD技术,但是仍然缺少评估和比较它们的有效性的方法。安全模型(例如攻击图(AG))提供了一种分析安全性的正式方法,但是尚未研究将MTD技术纳入这些安全模型中。在本文中,我们将MTD技术纳入安全模型(即分层攻击表示模型(HARM))中,以评估其有效性。此外,我们使用重要性度量(IM)来部署MTD技术以增强可伸缩性。最后,我们比较了部署MTD技术时AG和HARM的可伸缩性,以及实验中性能和安全性的变化。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号