We use cookies to improve your experience with our site.

Indexed in:

SCIE, EI, Scopus, INSPEC, DBLP, CSCD, etc.

Submission System
(Author / Reviewer / Editor)
Advanced Search
Volume 34 Issue 1
January  2019
Turn off MathJax
Article Contents
Abstract
References
Related Articles
Supplements
Jianjun Zheng, Akbar Siami Namin. A Survey on the Moving Target Defense Strategies: An Architectural Perspective[J]. Journal of Computer Science and Technology, 2019, 34(1): 207-233. DOI: 10.1007/s11390-019-1906-z
Citation: Jianjun Zheng, Akbar Siami Namin. A Survey on the Moving Target Defense Strategies: An Architectural Perspective[J]. Journal of Computer Science and Technology, 2019, 34(1): 207-233. DOI: 10.1007/s11390-019-1906-z
shu

A Survey on the Moving Target Defense Strategies: An Architectural Perspective

  • Department of Computer Science, Texas Tech University, Lubbock, Texas 79409, U.S.A.

Funds: This project was supported in part by the National Science Foundation of USA under Grant Nos. 1516636 and 1564293.
More Information
  • Author Bio:

    Jianjun Zheng received his first Master's degree in computer science and his second Master's degree in statistics in 2004 and 2013, respectively, both from Texas Tech University, Lubbock. He is currently a Ph.D. candidate in the Department of Computer Science, Texas Tech University, Lubbock. His research focuses on modeling moving target defense and network defense strategy optimization.

  • Received Date: July 14, 2018
  • Revised Date: October 13, 2018
  • Published Date: January 04, 2019
    Abstract
  • As the complexity and the scale of networks continue to grow, the management of the network operations and security defense has become a challenging task for network administrators, and many network devices may not be updated timely, leaving the network vulnerable to potential attacks. Moreover, the static nature of our existing network infrastructure allows attackers to have enough time to study the static configurations of the network and to launch well-crafted attacks at their convenience while defenders have to work around the clock to defend the network. This asymmetry, in terms of time and money invested, has given attackers greater advantage than defenders and has made the security defense even more challenging. It calls for new and innovative ideas to fix the problem. Moving Target Defense (MTD) is one of the innovative ideas which implements diverse and dynamic configurations of network systems with the goal of puzzling the exact attack surfaces available to attackers. As a result, the system status with the MTD strategy is unpredictable to attackers, hard to exploit, and is more resilient to various forms of attacks. There are existing survey papers on various MTD techniques, but to the best of our knowledge, insufficient focus was given on the architectural perspective of MTD strategies or some new technologies such as Internet of Things (IoT). This paper presents a comprehensive survey on MTD and implementation strategies from the perspective of the architecture of the complete network system, covering the motivation for MTD, the explanation of main MTD concepts, ongoing research efforts of MTD and its implementation at each level of the network system, and the future research opportunities offered by new technologies such as Software-Defined Networking (SDN) and Internet of Things (IoT).
    • FullText(HTML)
    • References (80)
  • [1]
    Manadhata P K, Wing J M. An attack surface metric. IEEE Transactions on Software Engineering, 2011, 37(3):371-386.
    [2]
    Zhuang R, Zhang S, DeLoach S A, Ou X M, Singhal A. Simulation-based approaches to studying effectiveness of moving-target network defense. In Proc. National Symposium on Moving Target Research, June 2012, pp.21-26.
    [3]
    Peng W, Li F, Huang C, Zou X. A moving-target defense strategy for cloud-based services with heterogeneous and dynamic attack surfaces. In Proc. IEEE International Conference on Communications, June 2014, pp.804-809.
    [4]
    Okhravi H, Rabe M A, Mayberry T J, Leonard W G, Hobson T R, Bigelow D, Streilein W W. Survey of cyber moving target techniques. Technical Report, Massachusetts Institute of Technology, 2013. http://www.dtic.mil/dtic/tr/fulltext/u2/a591804.pdf, Sept. 2018.
    [5]
    Cai G l, Wang B S, Hu W, Wang T Z. Moving target defense:State of the art and characteristics. Frontiers of Information Technology & Electronic Engineering, 2016, 17(11):1122-1153.
    [6]
    Lei C, Zhang H Q, Tan J L, Zhang Y C, Liu X H. Moving target defense techniques:A survey. Security and Communication Networks, 2018, Article No. 3759626.
    [7]
    Okhravi H, Comella A, Robinson E, Yannalfo S, Michaleas P, Haines J. Creating a cyber moving target for critical infrastructure applications. In Proc. the 5th IFIP WG 11.10 International Conference on Critical Infrastructure Protection, March 2011, pp.107-123.
    [8]
    Okhravi H, Comella A, Robinson E, Haines J. Creating a cyber moving target for critical infrastructure applications using platform diversity. International Journal of Critical Infrastructure Protection, 2012, 5(1):30-39.
    [9]
    Barrantes E G, Ackley D H, Forrest S, Palmer T S, Stefanovic D, Zovi D D. Randomized instruction set emulation to disrupt binary code injection attacks. In Proc. the 10th ACM Conference on Computer and Communications Security, October 2003, pp.281-289.
    [10]
    Kc G S, Keromytis A D, Prevelakis V. Countering codeinjection attacks with instruction-set randomization. In Proc. the 10th ACM Conference on Computer and Communications Security, October 2003, pp.272-280.
    [11]
    Just J E, Cornwell M. Review and analysis of synthetic diversity for breaking monocultures. In Proc. the 2004 ACM Workshop on Rapid Malcode, October 2004, pp.23-32.
    [12]
    Stamp M. Risks of monoculture. Communications of the ACM, March 2004, 47(3):120.
    [13]
    Forrest S, Somayaji A, Ackley D H. Building diverse computer systems. In Proc. the 6th Workshop on Hot Topics in Operating Systems, May 1997, pp.67-72.
    [14]
    Cox B, Evans D, Filipi A, Rowanhill J, Hu W, Davidson J, Knight J, Nguyen-Tuong A, Hiser J. N-variant systems:A secretless framework for security through diversity. In Proc. the 15th Conference on USENIX Security Symposium, July 2006, Article No. 16.
    [15]
    Gherbi A, Charpentier R. Diversity-based approaches to software systems security. In Proc. International Conference on Security Technology, December 2011, pp.228-237.
    [16]
    Neti S, Somayaji A, Locasto M E. Software diversity:Security, entropy and game theory. In Proc. the 7th USENIX Workshop on Hot Topics in Security, August 2012, Article No. 5.
    [17]
    Jacob M, Jakubowski M H, Naldurg P, Saw C W, Venkatesan R. The superdiversifier:Peephole individualization for software protection. In Proc. the 3rd International Workshop on Security, November 2008, pp.100-120.
    [18]
    Antonatos S, Akritidis P, Markatos E P, Anagnostakis K G. Defending against hitlist worms using network address space randomization. In Proc. the 2005 ACM Workshop on Rapid Malcode, November 2005, pp.30-40.
    [19]
    Bangalore A K, Sood A K. Securing web servers using self cleansing intrusion tolerance (SCIT). In Proc. the 2nd International Conference on Dependability, June 2009, pp.60-65.
    [20]
    Boyd S W, Keromytis A D. SQLrand:Preventing SQL injection attacks. In Proc. the 2nd International Conference on Applied Cryptography and Network Security, June 2004, pp.292-302.
    [21]
    Portner J, Kerr J, Chu B. Moving target defense against cross-site scripting attacks (position paper). In Proc. the 7th International Symposium on Foundations and Practice of Security, November 2015, pp.85-91.
    [22]
    Jia Q, Sun K, Stavrou A. MOTAG:Moving target defense against internet denial of service attacks. In Proc. the 22nd International Conference on Computer Communication and Networks, July 2013.
    [23]
    Venkatesan S, Albanese M, Amin K, Jajodia S, Wright M. A moving target defense approach to mitigate DDoS attacks against proxy-based architectures. In Proc. IEEE Conference on Communications and Network Security, October 2016, pp.198-206.
    [24]
    Shacham H, Page M, Pfaff B, Goh E J, Modadugu N, Boneh D. On the effectiveness of address-space randomization. In Proc. the 11th ACM Conference on Computer and Communications Security, October 2004, pp.298-307.
    [25]
    Bittau A, Belay A, Mashtizadeh A, Mazières D, Boneh D. Hacking blind. In Proc. IEEE Symposium on Security and Privacy, May 2014, pp.227-242.
    [26]
    Hund R, Willems C, Holz T. Practical timing side channel attacks against kernel space ASLR. In Proc. IEEE Symposium on Security and Privacy, May 2013, pp.191-205.
    [27]
    Seibert J, Okhravi H, Söderström E. Information leaks without memory disclosures:Remote side channel attacks on diversified code. In Proc. the 2014 ACM SIGSAC Conference on Computer and Communications Security, November 2014, pp.54-65.
    [28]
    Pappas V, Polychronakis M, Keromytis A D. Smashing the gadgets:Hindering return-oriented programming using inplace code randomization. In Proc. IEEE Symposium on Security and Privacy, May 2012, pp.601-615.
    [29]
    Wartell R, Mohan V, Hamlen K W, Lin Z Q. Binary stirring:Self-randomizing instruction addresses of legacy x86 binary code. In Proc. the 2012 ACM Conference on Computer and Communications Security, October 2012, pp.157-168.
    [30]
    Snow K Z, Monrose F, Davi L, Dmitrienko A, Liebchen C, Sadeghi A R. Just-in-time code reuse:On the effectiveness of fine-grained address space layout randomization. In Proc. the 2013 IEEE Symposium on Security and Privacy, May 2013, pp.574-588.
    [31]
    Hu W, Hiser J, Williams D, Filipi A, Davidson J W, Evans D, Knight J C, Nguyen-Tuong A, Rowanhill J. Secure and practical defense against code-injection attacks using software dynamic translation. In Proc. the 2nd International Conference on Virtual Execution Environments, June 2006, pp.2-12.
    [32]
    Porras P. Inside risks:Reflections on Conficker. Communications of the ACM, 2009, 52(10):23-24.
    [33]
    Portokalidis G, Keromytis A D. Global ISR:Toward a comprehensive defense against unauthorized code execution. In Moving Target Defense:Creating Asymmetric Uncertainty for Cyber Threats, Jajodia S, Ghosh A K, Swarup V, Wang C, Wang X S (eds.), Springer, 2011, pp.49-76.
    [34]
    Chen L M, Avizienis A. N-version programming:A faulttolerance approach to reliability of software operation. In Proc. the 25th International Symposium on Fault-Tolerant Computing, June 1995, pp.113-119.
    [35]
    Massalin H. Superoptimizer:A look at the smallest program. In Proc. the 2nd International Conference on Architectual Support for Programming Languages and Operating Systems, October 1987, pp.122-126.
    [36]
    Jackson T, Salamat B, Homescu A, Manivannan K, Wagner G, Gal A, Brunthaler S, Wimmer C, Franz M. Compilergenerated software diversity. In Moving Target Defense:Creating Asymmetric Uncertainty for Cyber Threats, Jajodia S, Ghosh A K, Swarup V, Wang C, Wang X S (eds.), Springer, 2011, pp.77-98.
    [37]
    Cabutto A, Falcarin P, Abrath B, Coppens B, De Sutter B. Software protection with code mobility. In Proc. the 2nd ACM Workshop on Moving Target Defense, October 2015, pp.95-103.
    [38]
    Franz M. E unibus pluram:Massive-scale software diversity as a defense mechanism. In Proc. the 2010 New Security Paradigms Workshop, September 2010, pp.7-16.
    [39]
    Jackson T, Homescu A, Crane S, Larsen P, Brunthaler S, Franz M. Diversifying the software stack using randomized NOP insertion. In Moving Target Defense Ⅱ:Application of Game Theory and Adversarial Modeling, Jajodia S, Ghosh A K, Subrahmanian V S, Swarup V, Wang C, Wang X S (eds.), Springer, 2013, pp.151-173.
    [40]
    Hobson T, Okhravi H, Bigelow D, Rudd R, Streilein W. On the challenges of effective movement. In Proc. the 1st ACM Workshop on Moving Target Defense, November 2014, pp.41-50.
    [41]
    Spinellis D. Reflection as a mechanism for software integrity verification. ACM Transactions on Information and System Security, 2000, 3(1):51-62.
    [42]
    Msgna M, Markantonakis K, Naccache D, Mayes K. Verifying software integrity in embedded systems:A side channel approach. In Proc. the 5th International Workshop on Constructive Side-Channel Analysis and Secure Design, April 2014, pp.261-280.
    [43]
    Basili V R, Selby R W. Comparing the effectiveness of software testing strategies. IEEE Transactions on Software Engineering, 1987, SE-13(12):1278-1296.
    [44]
    Shacham H. The geometry of innocent flesh on the bone:Return-into-libc without function calls (on the x86). In Proc. the 14th ACM Conference on Computer and Communications Security, October 2007, pp.552-561.
    [45]
    Pappas V, Polychronakis M, Keromytis A D. Practical software diversification using in-place code randomization. In Moving Target Defense Ⅱ:Application of Game Theory and Adversarial Modeling, Jajodia S, Ghosh A K, Subrahmanian V S, Swarup V, Wang C, Wang X S (eds.), Springer, 2013, pp.175-202.
    [46]
    Cui A, Stolfo S J. Symbiotes and defensive mutualism:Moving target defense. In Moving Target Defense:Creating Asymmetric Uncertainty for Cyber Threats, Jajodia S, Ghosh A K, Swarup V, Wang C, Wang X S (eds.), Springer, 2011, pp.99-108.
    [47]
    Zhuang R, Zhang S, Bardas A, DeLoach S A, Ou X, Singhal A. Investigating the application of moving target defenses to network security. In Proc. the 6th International Symposium on Resilient Control Systems, August 2013, pp.162-169.
    [48]
    Al-Shaer E. Toward network configuration randomization for moving target defense. In Moving Target Defense:Creating Asymmetric Uncertainty for Cyber Threats, Jajodia S, Ghosh A K, Swarup V, Wang C, Wang X S (eds.), Springer, 2011, pp.153-159.
    [49]
    Dunlop M, Groat S, Urbanski W, Marchany R, Tront J. MT6D:A moving target IPv6 defense. In Proc. Military Communications Conference, November 2011, pp.1321-1326.
    [50]
    Jafarian J H, Al-Shaer E, Duan Q. OpenFlow random host mutation:Transparent moving target defense using software defined networking. In Proc. the 1st Workshop on Hot Topics in Software Defined Networks, August 2012, pp.127-132.
    [51]
    Groat S, Dunlop M, Urbanksi W, Marchany R, Tront J. Using an IPv6 moving target defense to protect the Smart Grid. In Proc. IEEE PES Innovative Smart Grid Technologies, January 2012.
    [52]
    Clark A, Sun K, Poovendran R. Effectiveness of IP address randomization in decoy-based moving target defense. In Proc. the 52nd IEEE Conference on Decision and Control, December 2013, pp.678-685.
    [53]
    Zheng J, Namin A S. The impact of address changes and host diversity on the effectiveness of moving target defense strategy. In Proc. the 40th Annual Computer Software and Applications Conference, June 2016, Volume 2, pp.553-558.
    [54]
    Wang H, Xi Z, Li F, Chen S. WebTrap:A dynamic defense scheme against economic denial of sustainability attacks. In Proc. IEEE Conference on Communications and Network Security, October 2017.
    [55]
    Yeung F, Cho P, Morrell C, Marchany R, Tront J. Modeling network based moving target defense impacts through simulation in Ns-3. In Proc. IEEE Military Communications Conference, November 2016, pp.746-751.
    [56]
    Huang Y, Ghosh A K. Introducing diversity and uncertainty to create moving attack surfaces for web services. In Moving Target Defense:Creating Asymmetric Uncertainty for Cyber Threats, Jajodia S, Ghosh A K, Swarup V, Wang C, Wang X S (eds.), Springer, 2011, pp.131-151.
    [57]
    Bardas A G, Sundaramurthy S C, Ou X M, DeLoach S A. MTD CBITS:Moving target defense for cloud-based IT systems. In Proc. the 22nd European Symposium on Research in Computer Security, September 2017, pp.167-186.
    [58]
    Stoll C. The Cuckoo's Egg:Tracking a Spy Through the Maze of Computer Espionage (1st edition). The Bodley Head Ltd, 1989.
    [59]
    Kreutz D, Ramos F M V, Veríssimo P E, Rothenberg C E, Azodolmolky S, Uhlig S. Software-defined networking:A comprehensive survey. Proceedings of the IEEE, 2015, 103(1):14-76.
    [60]
    MacFarland D C, Shue C A. The SDN shuffle:Creating a moving-target defense using host-based software-defined networking. In Proc. the 2nd ACM Workshop on Moving Target Defense, October 2015, pp.37-41.
    [61]
    Wang K, Chen X, Zhu Y F. Random domain name and address mutation (RDAM) for thwarting reconnaissance attacks. PLOS ONE, 2017, 12(5):Article No. e0177111.
    [62]
    Skowyra R, Bauer K, Dedhia V, Okhravi H. Have No PHEAR:Networks without identifiers. In Proc. the 2016 ACM Workshop on Moving Target Defense, October 2016, pp.3-14.
    [63]
    Kampanakis P, Perros H, Beyene T. SDN-based solutions for moving target defense network protection. In Proc. IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, June 2014.
    [64]
    Chowdhary A, Pisharody S, Huang D. SDN based scalable MTD solution in cloud network. InProc. the 2016 ACM Workshop on Moving Target Defense, October 2016, pp.27-36.
    [65]
    Kil C, Jun J, Bookholt C, Xu J, Ning P. Address Space Layout Permutation (ASLP):Towards fine-grained randomization of commodity software. In Proc. the 22nd Annual Computer Security Applications Conference, December 2006, pp.339-348.
    [66]
    Casola V, de Benedictis A, Albanese M. A moving target defense approach for protecting resource-constrained distributed devices. In Proc. the 14th International Conference on Information Reuse and Integration, August 2013, pp.22-29.
    [67]
    Zeitz K, Cantrell M, Marchany R, Tront J. Designing a micro-moving target IPv6 defense for the Internet of things. In Proc. the 2nd International Conference on Internet-ofThings Design and Implementation, April 2017, pp.179-184.
    [68]
    Kumar A, Aggarwal A. Lightweight cryptographic primitives for mobile ad hoc networks. In Proc. International Conference on Recent Trends in Computer Networks and Distributed Systems Security, October 2012, pp.240-251.
    [69]
    Okhravi H, Riordan J, Carter K. Quantitative evaluation of dynamic platform techniques as a defensive mechanism. In Proc. the 17th International Symposium on Research in Attacks, Intrusions and Defenses, September 2014, pp.405-425.
    [70]
    Hamlet J R, Lamb C C. Dependency graph analysis and moving target defense selection. In Proc. the 2016 ACM Workshop on Moving Target Defense, October 2016, pp.105-116.
    [71]
    Green M, MacFarland D C, Smestad D R, Shue C A. Characterizing network-based moving target defenses. In Proc. the 2nd ACM Workshop on Moving Target Defense, October 2015, pp.31-35.
    [72]
    Zaffarano K, Taylor J, Hamilton S. A quantitative framework for moving target defense effectiveness evaluation. In Proc. the 2nd ACM Workshop on Moving Target Defense, October 2015, pp.3-10.
    [73]
    Taylor J, Zaffarano K, Koller B, Bancroft C, Syversen J. Automated effectiveness evaluation of moving target defenses:Metrics for missions and attacks. In Proc. the 2016 ACM Workshop on Moving Target Defense, October 2016, pp.129-134.
    [74]
    Evans D, Nguyen-Tuong A, Knight J. Effectiveness of moving target defenses. In Moving Target Defense:Creating Asymmetric Uncertainty for Cyber Threats, Jajodia S, Ghosh A K, Swarup V, Wang C, Wang X S (eds.), Springer, 2011, pp.29-48.
    [75]
    Xu J, Guo P Y, Zhao M Y, Erbacher R F, Zhu M H, Liu P. Comparing different moving target defense techniques. In Proc. the 1st ACM Workshop on Moving Target Defense, November 2014, pp.97-107.
    [76]
    Manadhata P K. Game theoretic approaches to attack surface shifting. In Moving Target Defense Ⅱ:Application of Game Theory and Adversarial Modeling, Jajodia S, Ghosh A K, Subrahmanian V S, Swarup V, Wang C, Wang X S (eds.), Springer, 2013, pp.1-13.
    [77]
    Zhu Q Y, Başar T. Game-theoretic approach to feedbackdriven multi-stage moving target defense. In Proc. the 4th International Conference on Decision and Game Theory for Security, November 2013, pp.246-263.
    [78]
    Zheng J J, Namin A S. A Markov decision process to determine optimal policies in moving target. In Proc. ACM SIGSAC Conference on Computer and Communications Security, October 2018, pp.2321-2323.
    [79]
    Carter K M, Riordan J F, Okhravi H. A game theoretic approach to strategy determination for dynamic platform defenses. In Proc. the 1st ACM Workshop on Moving Target Defense, November 2014, pp.21-30.
    [80]
    Maleki H, Valizadeh S, Koch W, Bestavros A, van Dijk M. Markov modeling of moving target defense games. In Proc. the 2016 ACM Workshop on Moving Target Defense, October 2016, pp.81-92.
    • Relative Articles

  • Related Articles

    [1]Xuan-Bo Huang, Kai-Ping Xue, Yi-Tao Xing, Ding-Wen Hu, Ruidong Li, Qi-Bin Sun. An Efficient Scheme to Defend Data-to-Control-Plane Saturation Attacks in Software-Defined Networking[J]. Journal of Computer Science and Technology, 2022, 37(4): 839-851. DOI: 10.1007/s11390-022-1495-0
    [2]Maryam Zarezadeh, Hamid Mala, Homa Khajeh. Preserving Privacy of Software-Defined Networking Policies by Secure Multi-Party Computation[J]. Journal of Computer Science and Technology, 2020, 35(4): 863-874. DOI: 10.1007/s11390-020-9247-5
    [3]Yang Li, Zhi-Ping Cai, Hong Xu. LLMP: Exploiting LLDP for Latency Measurement in Software-Defined Data Center Networks[J]. Journal of Computer Science and Technology, 2018, 33(2): 277-285. DOI: 10.1007/s11390-018-1819-2
    [4]Yun-Gang Bao, Sa Wang. Labeled von Neumann Architecture for Software-Defined Cloud[J]. Journal of Computer Science and Technology, 2017, 32(2): 219-223. DOI: 10.1007/s11390-017-1716-0
    [5]Hua Nie, Xiao-Jun Yang, Tao-Ying Liu. Software-Defined Cluster[J]. Journal of Computer Science and Technology, 2015, 30(2): 252-258. DOI: 10.1007/s11390-015-1519-0
    [6]Yu Gu, Bao-Hua Zhao, Yu-Sheng Ji, Jie Li. Theoretical Treatment of Target Coverage in Wireless Sensor Networks[J]. Journal of Computer Science and Technology, 2011, 26(1): 117-129. DOI: 10.1007/s11390-011-1115-x
    [7]Ji-Bao Lai, Hui-Qiang Wang, Xiao-Wu Liu, Ying Liang, Rui-Juan Zheng, Guo-Sheng Zhao. WNN-Based Network Security Situation Quantitative Prediction Method and Its Optimization[J]. Journal of Computer Science and Technology, 2008, 23(2): 222-230.
    [8]Xin-Li Huang, Fu-Tai Zou, Fan-Yuan Ma. Targeted Local Immunization in Scale-Free Peer-to-Peer Networks[J]. Journal of Computer Science and Technology, 2007, 22(3): 457-468.
    [9]GAO Qingshi, HU Yue, LI Lei, CHEN Xu. A Novel Computer Architecture to Prevent Destruction by Viruses[J]. Journal of Computer Science and Technology, 2002, 17(3).
    [10]Aftab Ahmad. A Methodology for Development of Software Composite-Metrics for Program Control-Flow Structure[J]. Journal of Computer Science and Technology, 1992, 7(3): 202-218.
    • Supplements (1)

  • Others

  • Cited by

    Periodical cited type(68)

    1. Yuli YANG, Jianxin SONG, Dan YU, et al. A Self-Adaptive Mimic Scheduling Method Based on Fine-Grained Heterogeneity. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2025, E108.A(6): 834. DOI:10.1587/transfun.2024EAP1082
    2. Zhen Wang, Yongjie Wang, Xinli Xiong, et al. A Novel Framework for Enhancing Decision-Making in Autonomous Cyber Defense Through Graph Embedding. Entropy, 2025, 27(6): 622. DOI:10.3390/e27060622
    3. George W Clark, Todd R Andel, J Todd McDonald, et al. Detection and defense of cyberattacks on the machine learning control of robotic systems. The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology, 2024, 21(2): 181. DOI:10.1177/15485129211043874
    4. Xabier Etxezarreta, Iñaki Garitano, Mikel Iturbe, et al. Low delay network attributes randomization to proactively mitigate reconnaissance attacks in industrial control systems. Wireless Networks, 2024, 30(6): 5077. DOI:10.1007/s11276-022-03212-5
    5. Se-Han Lee, Kyungshin Kim, Youngsoo Kim, et al. MTD-Diorama: Moving Target Defense Visualization Engine for Systematic Cybersecurity Strategy Orchestration. Sensors, 2024, 24(13): 4369. DOI:10.3390/s24134369
    6. Mariana Segovia-Ferreira, Jose Rubio-Hernan, Ana Cavalli, et al. A Survey on Cyber-Resilience Approaches for Cyber-Physical Systems. ACM Computing Surveys, 2024, 56(8): 1. DOI:10.1145/3652953
    7. E. M. Malathy, V. Sathya, Preetha Evangeline David, et al. 5G Network with Hexagonal SDN Control for Highly Secure Multimedia Communication. IETE Journal of Research, 2024, 70(12): 8492. DOI:10.1080/03772063.2024.2394598
    8. Zubaida Rehman, Iqbal Gondal, Mengmeng Ge, et al. Proactive defense mechanism: Enhancing IoT security through diversity-based moving target defense and cyber deception. Computers & Security, 2024, 139: 103685. DOI:10.1016/j.cose.2023.103685
    9. Jiajun Yan, Ying Zhou, Tao Wang. A Port-Hopping Technology against Remote Attacks and Its Effectiveness Evaluation. Electronics, 2023, 12(11): 2477. DOI:10.3390/electronics12112477
    10. Bo Liu, Hongyu Wu, Qihui Yang, et al. Random-Enabled Hidden Moving Target Defense against False Data Injection Alert Attackers. Processes, 2023, 11(2): 348. DOI:10.3390/pr11020348
    11. Rongbo Sun, Yuefei Zhu, Jinlong Fei, et al. A Survey on Moving Target Defense: Intelligently Affordable, Optimized and Self-Adaptive. Applied Sciences, 2023, 13(9): 5367. DOI:10.3390/app13095367
    12. Amir Javadpour, Forough Ja'fari, Tarik Taleb, et al. SCEMA: An SDN-Oriented Cost-Effective Edge-Based MTD Approach. IEEE Transactions on Information Forensics and Security, 2023, 18: 667. DOI:10.1109/TIFS.2022.3220939
    13. Muhammad Mubashir Khan, Muhammad Faraz Hyder, Shariq Mahmood Khan, et al. Ransomware prevention using moving target defense based approach. Concurrency and Computation: Practice and Experience, 2023, 35(7) DOI:10.1002/cpe.7592
    14. Felipe S. Dantas Silva, Emidio P. Neto, Rodrigo S. S. Nunes, et al. Securing Software-Defined Networks Through Adaptive Moving Target Defense Capabilities. Journal of Network and Systems Management, 2023, 31(3) DOI:10.1007/s10922-023-09746-z
    15. Xabier Etxezarreta, Iñaki Garitano, Mikel Iturbe, et al. Software-Defined Networking approaches for intrusion response in Industrial Control Systems: A survey. International Journal of Critical Infrastructure Protection, 2023, 42: 100615. DOI:10.1016/j.ijcip.2023.100615
    16. Jean-Paul A. Yaacoub, Hassan N. Noura, Ola Salman. Security of federated learning with IoT systems: Issues, limitations, challenges, and solutions. Internet of Things and Cyber-Physical Systems, 2023, 3: 155. DOI:10.1016/j.iotcps.2023.04.001
    17. Muhammad Faraz Hyder, Tasbiha Fatima, Shariq Mahmood Khan, et al. Countering crossfire DDoS attacks through moving target defense in SDN networks using OpenFlow traffic modification. Transactions on Emerging Telecommunications Technologies, 2023, 34(12) DOI:10.1002/ett.4853
    18. Ganapathy Mani, Marina Haliem, Bharat Bhargava, et al. Machine Learning Based Resilience Testing of an Address Randomization Cyber Defense. IEEE Transactions on Dependable and Secure Computing, 2023, 20(6): 4853. DOI:10.1109/TDSC.2023.3234561
    19. Raseena M. Haris, Khaled M. Khan, Armstrong Nhlabatsi. Live migration of virtual machine memory content in networked systems. Computer Networks, 2022, 209: 108898. DOI:10.1016/j.comnet.2022.108898
    20. Łukasz Jalowski, Marek Zmuda, Mariusz Rawski. A Survey on Moving Target Defense for Networks: A Practical View. Electronics, 2022, 11(18): 2886. DOI:10.3390/electronics11182886
    21. Wenjian Zhang, Zhengbin Zhu, Ke Song, et al. A Quantification Method for the Heterogeneity of Mimic Control Plane in SDN. Electronics, 2022, 11(23): 3864. DOI:10.3390/electronics11233864
    22. Minh Nguyen, Saptarshi Debroy, AnMin Fu. Moving Target Defense-Based Denial-of-Service Mitigation in Cloud Environments: A Survey. Security and Communication Networks, 2022, 2022: 1. DOI:10.1155/2022/2223050
    23. Ran Zhong, Qianying Zhang, Yachao Zhao, et al. Research on Enterprise Financial Accounting Information Security Model Based on Big Data. Wireless Communications and Mobile Computing, 2022, 2022: 1. DOI:10.1155/2022/7929846
    24. Yousra Magdy, Mohamed Azab, Amal Hamada, et al. Moving-Target Defense in Depth: Pervasive Self- and Situation-Aware VM Mobilization across Federated Clouds in Presence of Active Attacks. Sensors, 2022, 22(23): 9548. DOI:10.3390/s22239548
    25. Alexander Bajic, Georg T. Becker. Automated benchmark network diversification for realistic attack simulation with application to moving target defense. International Journal of Information Security, 2022, 21(2): 253. DOI:10.1007/s10207-021-00552-9
    26. Noe M. Yungaicela-Naula, Cesar Vargas-Rosales, Jesús Arturo Pérez-Díaz, et al. Towards security automation in Software Defined Networks. Computer Communications, 2022, 183: 64. DOI:10.1016/j.comcom.2021.11.014
    27. Rui Zhang, Mingcong Song, Tao Li, et al. Democratic learning: hardware/software co-design for lightweight blockchain-secured on-device machine learning. Journal of Systems Architecture, 2021, 118: 102205. DOI:10.1016/j.sysarc.2021.102205
    28. Renzo E. Navas, Frederic Cuppens, Nora Boulahia Cuppens, et al. MTD, Where Art Thou? A Systematic Review of Moving Target Defense Techniques for IoT. IEEE Internet of Things Journal, 2021, 8(10): 7818. DOI:10.1109/JIOT.2020.3040358
    29. Andres Aharhel Mercado-Velazquez, Ponciano Jorge Escamilla-Ambrosio, Floriberto Ortiz-Rodriguez. A Moving Target Defense Strategy for Internet of Things Cybersecurity. IEEE Access, 2021, 9: 118406. DOI:10.1109/ACCESS.2021.3107403
    30. Ismael Amezcua Valdovinos, Jesús Arturo Pérez-Díaz, Kim-Kwang Raymond Choo, et al. Emerging DDoS attack detection and mitigation strategies in software-defined networks: Taxonomy, challenges and future directions. Journal of Network and Computer Applications, 2021, 187: 103093. DOI:10.1016/j.jnca.2021.103093
    31. Jassim Happa, Thomas Bashford-Rogers, Alastair Janse Van Rensburg, et al. Deception in Network Defences Using Unpredictability. Digital Threats: Research and Practice, 2021, 2(4): 1. DOI:10.1145/3450973
    32. Sang Seo, Dohoon Kim. OSINT-Based LPC-MTD and HS-Decoy for Organizational Defensive Deception. Applied Sciences, 2021, 11(8): 3402. DOI:10.3390/app11083402
    33. Shuvalaxmi Dass, Akbar Siami Namin. Reinforcement Learning for Generating Secure Configurations. Electronics, 2021, 10(19): 2392. DOI:10.3390/electronics10192392
    34. Cristóbal Medina-López, L. G. Casado, Vicente González-Ruiz, et al. An SDN approach to detect targeted attacks in P2P fully connected overlays. International Journal of Information Security, 2021, 20(2): 245. DOI:10.1007/s10207-020-00499-3
    35. Matheus Torquato, Marco Vieira. Moving target defense in cloud computing: A systematic mapping study. Computers & Security, 2020, 92: 101742. DOI:10.1016/j.cose.2020.101742
    36. Jin-Hee Cho, Dilli P. Sharma, Hooman Alavizadeh, et al. Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense. IEEE Communications Surveys & Tutorials, 2020, 22(1): 709. DOI:10.1109/COMST.2019.2963791
    37. Tao Han, Syed Rooh Ullah Jan, Zhiyuan Tan, et al. A comprehensive survey of security threats and their mitigation techniques for next‐generation SDN controllers. Concurrency and Computation: Practice and Experience, 2020, 32(16) DOI:10.1002/cpe.5300
    38. Mariana Segovia-Ferreira, Jose Rubio-Hernan, Rosa Cavalli, et al. Switched-Based Resilient Control of Cyber-Physical Systems. IEEE Access, 2020, 8: 212194. DOI:10.1109/ACCESS.2020.3039879
    39. M. F. Hyder, M. A. Ismail. INMTD: Intent-based Moving Target Defense Framework using Software Defined Networks. Engineering, Technology & Applied Science Research, 2020, 10(1): 5142. DOI:10.48084/etasr.3266
    40. Ana Rosa Cavalli, Edgardo Montes De Oca. Cybersecurity, Monitoring, Explainability and Resilience. 2023 Fourteenth International Conference on Mobile Computing and Ubiquitous Network (ICMU), DOI:10.23919/ICMU58504.2023.10412157
    41. Tongwei Ren, Ryan Williams, Sirshendu Ganguly, et al. Security and Privacy in Communication Networks. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, DOI:10.1007/978-3-031-25538-0_40
    42. Chao Feng, Alberto Huertas Celdrán, Zien Zeng, et al. Leveraging MTD to Mitigate Poisoning Attacks in Decentralized FL with Non-IID Data. 2024 IEEE International Conference on Big Data (BigData), DOI:10.1109/BigData62323.2024.10825953
    43. Vishesh Tanwar, K. R. Ramkumar. A Survey on the Role of Reverse Engineering in Security Attacks. 2023 International Conference on Research Methodologies in Knowledge Management, Artificial Intelligence and Telecommunication Engineering (RMKMATE), DOI:10.1109/RMKMATE59243.2023.10369068
    44. Taikun Liu, Zhaozhao Li, Yu Li, et al. An Optimization Method for Executor Construction in DHR System. 2025 5th International Conference on Consumer Electronics and Computer Engineering (ICCECE), DOI:10.1109/ICCECE65250.2025.10984595
    45. Rongbo Sun, Jinlong Fei, Yuefei Zhu. Multi-Agent Reinforcement Learning for Moving Target Defense Decision-Making Based on Markov Game: An Adaptive Approach Under Three-Dimensional Metrics. 2025 8th International Conference on Advanced Algorithms and Control Engineering (ICAACE), DOI:10.1109/ICAACE65325.2025.11020085
    46. Nico Saputro. A Brief review on Network Identity-based Moving Target Defense. 2023 International Conference on Information Networking (ICOIN), DOI:10.1109/ICOIN56518.2023.10048901
    47. Axel Charpentier, Christopher Neal, Nora Boulahia-Cuppens, et al. Real-Time Defensive Strategy Selection via Deep Reinforcement Learning. Proceedings of the 18th International Conference on Availability, Reliability and Security, DOI:10.1145/3600160.3600176
    48. Anas Alhashimi, Thomas Nolte, Alessandro V. Papadopoulos. Enhancing Sensor Attack Detection and Mitigating Sensor Compromise Impact in a Switching-Based Moving Target Defense. 2024 European Control Conference (ECC), DOI:10.23919/ECC64448.2024.10590869
    49. Ki-Wan Kang, Ki-Woong Park. Toward Software-Defined Moving Target Defense for Secure Service Deployment Enhanced with a User-Defined Orchestration. Proceedings of the 2020 ACM International Conference on Intelligent Computing and its Emerging Applications, DOI:10.1145/3440943.3444725
    50. Dingyu Yan, Feng Liu. A Heuristic Method for Network Modification Against Cyber Epidemic Attacks. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), DOI:10.1109/TrustCom/BigDataSE.2019.00033
    51. Renzo E. Navas, Hakon Sandaker, Frederic Cuppens, et al. IANVS: A Moving Target Defense Framework for a Resilient Internet of Things. 2020 IEEE Symposium on Computers and Communications (ISCC), DOI:10.1109/ISCC50000.2020.9219728
    52. Dipendra Gurung, Sandeep Gurung, Mohan Pratap Pradhan. Moving Target Defense - Challenges, Problems and Suitability for Internet of Things. 2023 4th International Conference on Computing and Communication Systems (I3CS), DOI:10.1109/I3CS58314.2023.10127263
    53. Wanying Lu, Wenbin Zhai, Feng Wang, et al. A Framework for Moving Target Defense based on Federated Semi-Supervised Learning. Proceedings of the 2023 International Conference on Electronics, Computers and Communication Technology, DOI:10.1145/3637494.3638748
    54. Bo Liu, Qihui Yang, Hang Zhang, et al. Random-based Hidden Moving Target Defense against Alert False Data Injection Attackers. 2023 IEEE Power & Energy Society General Meeting (PESGM), DOI:10.1109/PESGM52003.2023.10253069
    55. Shuvalaxmi Dass, Akbar Siami Namin. A Sensitivity Analysis of Evolutionary Algorithms in Generating Secure Configurations. 2020 IEEE International Conference on Big Data (Big Data), DOI:10.1109/BigData50022.2020.9378307
    56. Ernesto Serrano-Collado, Mario García-Valdez, Juan-Julián Merelo Guervós. Delivering diverse web server configuration in a moving target defense using evolutionary algorithms. Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion, DOI:10.1145/3377929.3398083
    57. Saeed Izadi, Mahnaz Izadi, Golshid Ranjbaran, et al. Enhancing Network Security Through Moving Target Defense Technology: An Analysis of the Impact on Attack Level. 2023 7th International Conference on Internet of Things and Applications (IoT), DOI:10.1109/IoT60973.2023.10365374
    58. Kai Cheng, Zhan Wu, Qiang Wang, et al. Proceedings of the 4th International Conference on Big Data Analytics for Cyber-Physical System in Smart City - Volume 2. Lecture Notes on Data Engineering and Communications Technologies, DOI:10.1007/978-981-99-1157-8_46
    59. Enning Zhang, Runnian Ma, Feng Liu, et al. A Novel Dynamic Platform Defense Strategy Based on Evolutionary Game. 2021 International Conference on Computer, Internet of Things and Control Engineering (CITCE), DOI:10.1109/CITCE54390.2021.00011
    60. P. Jothi, S. Gomathi. Intent-based moving target defense framework software defined networks. INTERNATIONAL CONFERENCE ON EMERGING TRENDS IN ELECTRONICS AND COMMUNICATION ENGINEERING - 2023, DOI:10.1063/5.0216494
    61. Renzo E. Navas, Laurent Toutain, Georgios Z. Papadopoulos. Intelligent Security Management and Control in the IoT. DOI:10.1002/9781394156030.ch11
    62. Rui Zhang, Hui Xia, Ju-fu Cui, et al. Machine Learning for Cyber Security. Lecture Notes in Computer Science, DOI:10.1007/978-3-030-62463-7_17
    63. Venkat Venkateswaran, Chin-Tser Huang, Kaliappa Ravindran. Security Management in Content Distribution Networks: a delay-variance reduction approach for content mirror site placement. 2023 15th International Conference on COMmunication Systems & NETworkS (COMSNETS), DOI:10.1109/COMSNETS56262.2023.10041417
    64. Ernesto Serrano-Collado, Mario Garcia-Valdez, Juan J. Merelo-Guervos. Improving evolution of service configurations for moving target defense. 2020 IEEE Congress on Evolutionary Computation (CEC), DOI:10.1109/CEC48606.2020.9185786
    65. Shuvalaxmi Dass, Akbar Siami Namin. Vulnerability coverage for adequacy security testing. Proceedings of the 35th Annual ACM Symposium on Applied Computing, DOI:10.1145/3341105.3374099
    66. Anmol Kumar, Gaurav Somani. DDoS attack mitigation in cloud targets using scale-inside out assisted container separation. IEEE INFOCOM 2022 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), DOI:10.1109/INFOCOMWKSHPS54753.2022.9798240
    67. Axel Charpentier, Nora Boulahia Cuppens, Frédéric Cuppens, et al. Deep Reinforcement Learning-Based Defense Strategy Selection. Proceedings of the 17th International Conference on Availability, Reliability and Security, DOI:10.1145/3538969.3543789
    68. Jianjun Zheng, Akbar Siami Namin. Enforcing Optimal Moving Target Defense Policies. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), DOI:10.1109/COMPSAC.2019.00112

    Other cited types(0)

Catalog

    Get Citation
    PDF
    XML
    Article views (107) PDF downloads (772) Cited by(68)
    Related

    Copyright ©2025 JCST, All Rights Reserved     京ICP备05002829号-1

    Institute of Computing Technology, Chinese Academy of Sciences
    P.O. Box 2704, Beijing 100190, P.R. China

    Tel.: 86-10-62610746 E-mail: jcst@ict.ac.cn

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return