A theory for understanding and quantifying moving target defense

dc.contributor.author: Zhuang, Rui
dc.date.accessioned: 2015-11-18T19:03:27Z
dc.date.available: 2015-11-18T19:03:27Z
dc.date.graduationmonth: December
dc.date.issued: 2015-12-01
dc.description.abstract: The static nature of cyber systems gives attackers a valuable and asymmetric advantage - time. To eliminate this asymmetric advantage, a new approach, called Moving Target Defense (MTD), has emerged as a potential solution. An MTD system seeks to proactively change system configurations to invalidate the knowledge learned by the attacker and force them to spend more effort locating and re-locating vulnerabilities. While it sounds promising, the approach is so new that there is no standard definition of what an MTD is, what is meant by diversification and randomization, or what metrics to define the effectiveness of such systems. Moreover, the changing nature of MTD violates two basic assumptions about the conventional attack surface notion. One is that the attack surface remains unchanged during an attack and the second is that it is always reachable. Therefore, a new attack surface definition is needed. To address these issues, I propose that a theoretical framework for MTD be defined. The framework should clarify the most basic questions such as what an MTD system is and its properties such as adaptation, diversification and randomization. The framework should reveal what is meant by gaining and losing knowledge, and what are different attack types. To reason over the interactions between attacker and MTD system, the framework should define key concepts such as attack surface, adaptation surface and engagement surface. Based on that, this framework should allow MTD system designers to decide how to use existing configuration choices and functionality diversification to increase security. It should allow them to analyze the effectiveness of adapting various combinations of different configuration aspects to thwart different types of attacks. To support analysis, the framework should include an analytical model that can be used by designers to determine how different parameter settings will impact system security.
dc.description.advisor: Scott A. DeLoach
dc.description.degree: Doctor of Philosophy
dc.description.department: Computing and Information Sciences
dc.description.level: Doctoral
dc.description.sponsorship: U.S. Air Force Office of Scientific Research, U.S. National Science Foundation
dc.identifier.uri: http://hdl.handle.net/2097/20525
dc.language.iso: en_US
dc.publisher: Kansas State University
dc.rights: © the author. This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).
dc.rights.uri: http://rightsstatements.org/vocab/InC/1.0/
dc.subject: Moving Target Defense
dc.subject: Network Security
dc.subject: Computer Security
dc.subject: Science of Security
dc.subject: Cloud Security
dc.subject.umi: Computer Science (0984)
dc.title: A theory for understanding and quantifying moving target defense
dc.type: Dissertation

Files

Original bundle

Name: RuiZhuang2015.pdf
Size: 2.96 MB
Format: Adobe Portable Document Format
Description: Dissertation

License bundle

Name: license.txt
Size: 1.62 KB
Format: Item-specific license agreed upon to submission
Description: