Moving Target Defense (MTD) is an emerging, game-changing defense strategy in cybersecurity whose goal is to strengthen defenders and, conversely, to puzzle adversaries in a network environment. The successful deployment of an MTD system can be affected by several factors, including 1) the effectiveness of the employed technique, 2) the deployment strategy, 3) the cost of the MTD implementation, and 4) the impact yielded by the enforced security policies. Many research efforts have introduced a variety of MTD techniques, which are often evaluated through simulations. Nevertheless, this line of research needs more attention. In particular, the determination of optimal cost, the analysis of policies, and the selection of those policies in an MTD setting is still an open research question. To advance the state of the art in this line of research, this paper introduces an approach based on control theory to model, analyze, and select optimal security policies for MTD deployment strategies. A Markov Decision Process (MDP) scheme is presented to model the states of the system from the attacker's point of view. The employed value iteration method is based on the Bellman optimality equation and selects the optimal policy for each state defined in the system. The model is then used to analyze the impact of various costs on the optimal policy. Finally, the MDP model is applied to two case studies to evaluate its performance.
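The value-iteration step named in the abstract, as an added Python illustration that is not the paper's model or code: the four attacker-progress states, the two defender actions, and every probability and cost below are constructed assumptions. It solves the Bellman optimality equation for the defender's minimum expected discounted cost and prints how the optimal policy shifts as the cost of an MTD move changes.

```python
# Added illustration: a constructed MDP, NOT the model from the paper.
STATES = ["recon", "foothold", "escalated", "compromised"]  # attacker progress
ACTIONS = ["wait", "mtd"]        # defender: do nothing, or perform an MTD move
LOSS = [0.0, 1.0, 3.0, 10.0]     # assumed per-step defender loss in each state
P_ADV = 0.3                      # assumed chance the attacker advances one state
P_RESET = 0.8                    # assumed chance an MTD move resets the attacker
GAMMA = 0.9                      # discount factor

def transitions(s, a):
    """Return {next_state_index: probability} for state s under action a."""
    nxt = min(s + 1, len(STATES) - 1)
    probs = {}
    def add(t, p):
        probs[t] = probs.get(t, 0.0) + p
    keep = 1.0
    if a == "mtd":               # MTD sends the attacker back to recon
        add(0, P_RESET)
        keep = 1.0 - P_RESET
    add(nxt, keep * P_ADV)       # attacker advances
    add(s, keep * (1.0 - P_ADV)) # attacker stays where it is
    return probs

def q_value(s, a, V, mtd_cost):
    """Immediate cost plus discounted expected future cost."""
    cost = LOSS[s] + (mtd_cost if a == "mtd" else 0.0)
    return cost + GAMMA * sum(p * V[t] for t, p in transitions(s, a).items())

def value_iteration(mtd_cost, tol=1e-9):
    """Bellman optimality backup: V(s) = min_a Q(s, a), iterated to convergence."""
    n = len(STATES)
    V = [0.0] * n
    while True:
        new_V = [min(q_value(s, a, V, mtd_cost) for a in ACTIONS) for s in range(n)]
        delta = max(abs(x - y) for x, y in zip(new_V, V))
        V = new_V
        if delta < tol:
            break
    policy = [min(ACTIONS, key=lambda a: q_value(s, a, V, mtd_cost)) for s in range(n)]
    return V, policy

if __name__ == "__main__":
    # Sweep the MTD cost to see where the optimal policy changes.
    for cost in (0.0, 0.5, 2.0, 5.0, 1000.0):
        V, policy = value_iteration(cost)
        print(cost, dict(zip(STATES, policy)), [round(v, 2) for v in V])
```
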