Dynamic Security Metrics for Software-Defined Network-based Moving Target Defense. (15th November 2020)
- Record Type:
- Journal Article
- Title:
- Dynamic Security Metrics for Software-Defined Network-based Moving Target Defense. (15th November 2020)
- Main Title:
- Dynamic Security Metrics for Software-Defined Network-based Moving Target Defense
- Authors:
- Sharma, Dilli P.
Enoch, Simon Yusuf
Cho, Jin-Hee
Moore, Terrence J.
Nelson, Frederica F.
Lim, Hyuk
Kim, Dong Seong
- Abstract:
- We propose a suite of dynamic security metrics that timely, dynamically, and adaptively assess the effectiveness of the software-defined network (SDN)-based moving target defense (MTD) techniques. The security metrics are developed to measure the dynamics of a network and a host state's information (e.g., IP address, port, software stacks, vulnerabilities, or network topology) introduced by various types of MTD techniques shuffling them. The key aspect of our proposed metrics is to capture variability that keeps track of changing patterns of the network and the host states upon every MTD triggering event. In this work, we propose the following security metrics capturing the variability based on the changes made by the MTD: (1) Network and host address-based metrics measuring variability of the network and host addresses based on a degree of uncertainty and unpredictability on the assigned IP address to the hosts in a network; (2) Attack path-based metrics measuring variability of attack paths using graphical models estimated based on the network state transitions from one topology to another topology upon triggering a network topology and/or IP shuffling MTD; and (3) Attack stage-based success metrics measuring the chances of discovering a vulnerable target host's information, exploiting the target host's vulnerability, and compromising the target host. Via extensive simulation study, we investigated the key parameters that can significantly affect the MTD performance based on the proposed security metrics. Our simulation results show that the metrics are viable to measure the effectiveness of deploying the MTD techniques.
- Is Part Of:
- Journal of network and computer applications. Volume 170(2020)
- Journal:
- Journal of network and computer applications
- Issue:
- Volume 170(2020)
- Issue Display:
- Volume 170, Issue 2020 (2020)
- Year:
- 2020
- Volume:
- 170
- Issue:
- 2020
- Issue Sort Value:
- 2020-0170-2020-0000
- Page Start:
- Page End:
- Publication Date:
- 2020-11-15
- Subjects:
- Dynamic security metrics -- Security measurement -- Moving target defense -- Software-defined networks
Microcomputers -- Periodicals
Computer networks -- Periodicals
Application software -- Periodicals
Microcomputers -- Periodicals
Computer networks -- Periodicals
Application software -- Periodicals
Application software
Computer networks
Microcomputers
Periodicals
004.05
004
- Journal URLs:
- http://www.sciencedirect.com/science/journal/10848045
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.jnca.2020.102805
- Languages:
- English
- ISSNs:
- 1084-8045
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 5021.410600
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 14595.xml