Skip to main content
Log in

Abstract

Moving target defense (MTD) is a novel way to alter the asymmetric situation of attacks and defenses, and a lot of MTD studies have been carried out recently. However, relevant analysis for the defense mechanism of the MTD technology is still absent. In this paper, we analyze the defense mechanism of MTD technology in two dimensions. First, we present a new defense model named MP2R to describe the proactivity and effect of MTD technology intuitively. Second, we use the incomplete information dynamic game theory to verify the proactivity and effect of MTD technology. Specifically, we model the interaction between a defender who equips a server with different types of MTD techniques and a visitor who can be a user or an attacker, and analyze the equilibria and their conditions for these models. Then, we take an existing incomplete information dynamic game model for traditional defense and its equilibrium result as baseline for comparison, to validate the proactivity and effect of MTD technology. We also identify the factors that will influence the proactivity and effectiveness of the MTD approaches. This work gives theoretical support for understanding the defense process and defense mechanism of MTD technology and provides suggestions to improve the effectiveness of MTD approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

References

  • Al-Shaer, E., Duan, Q., Jafarian, J.H., 2013. Random host mutation for moving target defense. Int. Conf. on Security and Privacy in Communication Systems, p.310–327. https://doi.org/10.1007/978-3-642-36883-7_19

    Google Scholar 

  • Azab, M., Hassan, R., Eltoweissy, M., 2011. ChameleonSoft: a moving target defense system. 7th Int. Conf. on Collaborative Computing: Networking, Applications and Worksharing, p.241–250. https://doi.org/10.4108/icst.collaboratecom.2011.247115

    Google Scholar 

  • Cai, G., Wang, B., Hu, W., et al., 2016a. Moving target defense: state of the art and characteristics. Front. Inform. Technol. Electron. Eng., 17(11):1122–1153. https://doi.org/10.1631/FITEE.1601321

    Article  Google Scholar 

  • Cai, G., Wang, B., Luo, Y., et al., 2016b. Characterizing the running patterns of moving target defense mechanisms. 18th Int. Conf. on Advanced Communication Technology, p.191–196. https://doi.org/10.1109/ICACT.2016.7423324

    Google Scholar 

  • Carroll, T., Grosu, D., 2011. A game theoretic investigation of deception in network security. Secur. Commun. Netw., 4(10):1162–1172. https://doi.org/10.1002/sec.242

    Article  Google Scholar 

  • Carroll, T., Crouse, M., Fulp, E., et al., 2014. Analysis of network address shuffling as a moving target defense. IEEE Int. Conf. on Communications, p.701–706. https://doi.org/10.1109/ICC.2014.6883401

    Google Scholar 

  • Carter, K., Riordan, J., Okhravi, H., 2014. A game theoretic approach to strategy determination for dynamic platform defenses. 1st ACM Workshop on Moving Target Defense, p.21–30. https://doi.org/10.1145/2663474.2663478

    Google Scholar 

  • Carvalho, M., Bradshaw, J., Bunch, L., et al., 2012. Command and control requirements for moving-target defense. IEEE Intell. Syst., 27(3):79–85. https://doi.org/10.1109/MIS.2012.45

    Article  Google Scholar 

  • Colbaugh, R., Glass, K., 2012. Predictability-oriented defense against adaptive adversaries. IEEE Int. Conf. on Systems, Man, and Cybernetics, p.2721–2727. https://doi.org/10.1109/ICSMC.2012.6378159

    Google Scholar 

  • Hobson, T., Okhravi, H., Bigelow, D., et al., 2014. On the challenges of effective movement. 1st ACM Workshop on Moving Target Defense, p.41–50. https://doi.org/10.1145/2663474.2663480

    Google Scholar 

  • Huang, Y., Ghosh, A., 2011. Introducing diversity and uncertainty to create moving attack surfaces for web services. In: Jajodia, S., Ghosh, A., Swarup, V., et al. (Eds.), Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Springer New York, New York, p.131–151. https://doi.org/10.1007/978-1-4614-0977-9_8

    Chapter  Google Scholar 

  • Jajodia, S., Ghosh, A., Swarup, V., et al., 2011. Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Springer Science & Business Media.

    Book  Google Scholar 

  • Jia, C., Zhong, A., Zhang, W., et al., 2006. Incomplete informational and dynamic game model in network security. J. Comput. Res. Dev., 43(Suppl.):530–533 (in Chinese).

    Google Scholar 

  • Liu, C., Zhang, Y., Chen, R., 2011. Research on dynamic model for network security based on artificial immunity. Int. J. Knowl. Lang. Process., 2(3):21–35.

    Google Scholar 

  • Lye, K.W., Wing, J., 2005. Game strategies in network security. Int. J. Inform. Secur., 4(1–2): 71–86. https://doi.org/10.1007/s10207-004-0060-x

    Article  Google Scholar 

  • Manadhata, P., 2013. Game theoretic approaches to attack surface shifting. In: Jajodia, S., Ghosh, A., Subrahmanian, V., et al. (Eds.), Moving Target Defense II: Application of Game Theory and Adversarial Modeling. Springer New York, New York, p.1–13. https://doi.org/10.1007/978-1-4614-5416-8_1

    Google Scholar 

  • Manshaei, M., Zhu, Q., Alpcan, T., et al., 2013. Game theory meets network security and privacy. ACM Comput. Surv., 45(3):25. https://doi.org/10.1145/2480741.2480742

    Article  Google Scholar 

  • Moody, W.C., Hu, H., Apon, A., 2014. Defensive maneuver cyber platform modeling with stochastic Petri Nets. Int. Conf. on Collaborative Computing: Networking, Applications and Worksharing, p.531–538. https://doi.org/10.4108/icst.collaboratecom.2014.257559

    Google Scholar 

  • NITRD, 2009. National Cyber Leap Year Summit 2009. Co-chairs’ Report. https://www.nitrd.gov/fileupload/files/National_Cyber_Leap_Year_Summit_2009_CoChairs_Report.pdf

    Google Scholar 

  • NITRD, 2010. NITRD CSIA IWG Cybersecurity Game-Change Research and Development Recommendations. https://www.nitrd.gov/cybersecurity/

    Google Scholar 

  • Okhravi, H., Hobson, T., Bigelow, D., et al., 2014. Finding focus in the blur of moving-target techniques. IEEE Secur. Priv., 12(2):16–26. https://doi.org/10.1109/MSP.2013.137

    Article  Google Scholar 

  • Prakash, A., Wellman, M., 2015. Empirical game-theoretic analysis for moving target defense. 2nd ACM Workshop on Moving Target Defense, p.57–65. https://doi.org/10.1145/2808475.2808483

    Chapter  Google Scholar 

  • Shi, L., Jia, C., Lu, S., 2007. DoS evading mechanism upon service hopping. IFIP Int. Conf. on Network and Parallel Computing Workshops, p.119–122. https://doi.org/10.1109/NPC.2007.59

    Google Scholar 

  • Shi, L., Jia, C., Lv, S., 2009. A game theoretic analysis of service hopping mechanism for DoS defense. J. Electron. Inform. Techn., 31(1):228–232 (in Chinese).

    Google Scholar 

  • Urias, V.E., Stout, W.M.S., Loverro, C., 2015. Computer network deception as a moving target defense. Int. Carnahan Conf. on Security Technology, p.1–6. https://doi.org/10.1109/CCST.2015.7389665

    Google Scholar 

  • Vadlamudi, S., Sengupta, S., Kambhampati, S., et al., 2016. Moving target defense for web applications using Bayesian Stackelberg games. arXiv:1602.07024.

    Google Scholar 

  • Winterrose, M.L., Carter, K.M., 2014. Strategic evolution of adversaries against temporal platform diversity active cyber defenses. Proc. Symp. on Agent Directed Simulation, p.9.

    Google Scholar 

  • Winterrose, M.L., Carter, K.M., Wagner, N., et al., 2014. Adaptive attacker strategy development against moving target cyber defenses. arXiv:1407.8540.

    Google Scholar 

  • Zhu, Q., Başar, T., 2013. Game-theoretic approach to feedback-driven multi-stage moving target defense. LNCS, 8252:246–263. https://doi.org/10.1007/978-3-319-02786-9_15

    MATH  Google Scholar 

  • Zhuang, R., DeLoach, S., Ou, X., 2014. Towards a theory of moving target defense. 1st ACM Workshop on Moving Target Defense, p.31–40. https://doi.org/10.1145/2663474.2663479

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Bao-sheng Wang.

Additional information

Project supported by the National Basic Research Program (973) of China (No. 2012CB315906)

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Cai, Gl., Wang, Bs. & Xing, Qq. Game theoretic analysis for the mechanism of moving target defense. Frontiers Inf Technol Electronic Eng 18, 2017–2034 (2017). https://doi.org/10.1631/FITEE.1601797

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1631/FITEE.1601797

Key words

CLC number

Navigation