A theory for understanding and quantifying moving target defense
| Field | Value |
|---|---|
| dc.contributor.author | Zhuang, Rui |
| dc.date.accessioned | 2015-11-18T19:03:27Z |
| dc.date.available | 2015-11-18T19:03:27Z |
| dc.date.graduationmonth | December |
| dc.date.issued | 2015-12-01 |
| dc.description.abstract | The static nature of cyber systems gives attackers a valuable and asymmetric advantage: time. To eliminate this asymmetric advantage, a new approach, called Moving Target Defense (MTD), has emerged as a potential solution. An MTD system seeks to proactively change system configurations to invalidate the knowledge learned by the attacker and force the attacker to spend more effort locating and re-locating vulnerabilities. While it sounds promising, the approach is so new that there is no standard definition of what an MTD is, what is meant by diversification and randomization, or what metrics define the effectiveness of such systems. Moreover, the changing nature of MTD violates two basic assumptions of the conventional attack surface notion: that the attack surface remains unchanged during an attack, and that it is always reachable. Therefore, a new attack surface definition is needed. To address these issues, I propose that a theoretical framework for MTD be defined. The framework should clarify the most basic questions, such as what an MTD system is and its properties such as adaptation, diversification and randomization. The framework should reveal what is meant by gaining and losing knowledge, and what the different attack types are. To reason over the interactions between attacker and MTD system, the framework should define key concepts such as attack surface, adaptation surface and engagement surface. Based on that, this framework should allow MTD system designers to decide how to use existing configuration choices and functionality diversification to increase security. It should allow them to analyze the effectiveness of adapting various combinations of different configuration aspects to thwart different types of attacks. To support analysis, the framework should include an analytical model that can be used by designers to determine how different parameter settings will impact system security. |
| dc.description.advisor | Scott A. DeLoach |
| dc.description.degree | Doctor of Philosophy |
| dc.description.department | Computing and Information Sciences |
| dc.description.level | Doctoral |
| dc.description.sponsorship | U.S. Air Force Office of Scientific Research, U.S. National Science Foundation |
| dc.identifier.uri | http://hdl.handle.net/2097/20525 |
| dc.language.iso | en_US |
| dc.publisher | Kansas State University |
| dc.rights | © the author. This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). |
| dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ |
| dc.subject | Moving Target Defense |
| dc.subject | Network Security |
| dc.subject | Computer Security |
| dc.subject | Science of Security |
| dc.subject | Cloud Security |
| dc.subject.umi | Computer Science (0984) |
| dc.title | A theory for understanding and quantifying moving target defense |
| dc.type | Dissertation |