Evaluating the Security and Economic Effects of Moving Target Defense Techniques on the Cloud

Evaluating the Security and Economic Effects of Moving Target Defense Techniques on the Cloud

Moving Target Defense (MTD) is a proactive security mechanism that changes the attack surface with the aim of confusing attackers. Cloud computing leverages MTD techniques to enhance the cloud security posture against cyber threats. While many MTD techniques have been applied to cloud computing, the...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on emerging topics in computing 2022-10, Vol.10 (4), p.1772-1788
Hauptverfasser: Alavizadeh, Hooman, Aref, Samin, Kim, Dong Seong, Jang-Jaccard, Julian
Format: Artikel
Sprache:eng
Schlagworte:
Biological system modeling
Cloud computing
Costs
Cybersecurity
diversity
Diversity reception
Economic impact
economic metrics
Effectiveness
Evaluation
Linear programming
Measurement
Moving targets
optimization
Redundancy
Reliability analysis
Security
security analysis
shuffle
Virtual environments
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 1788
container_issue 4
container_start_page 1772
container_title IEEE transactions on emerging topics in computing
container_volume 10
creator Alavizadeh, Hooman
Aref, Samin
Kim, Dong Seong
Jang-Jaccard, Julian
description Moving Target Defense (MTD) is a proactive security mechanism that changes the attack surface with the aim of confusing attackers. Cloud computing leverages MTD techniques to enhance the cloud security posture against cyber threats. While many MTD techniques have been applied to cloud computing, there has so far been no joint evaluation of the effectiveness of MTD techniques with respect to security and economic metrics. In this paper, we first introduce mathematical definitions for the combination of three MTD techniques: Shuffle, Diversity, and Redundancy. Then, we utilize four security metrics - namely, system risk, attack cost, return on attack, and reliability - to assess the effectiveness of the combined MTD techniques applied to large-scale cloud models. Second, we focus on a specific context based on a cloud model for e-health applications to evaluate the effectiveness of the MTD techniques using security and economic metrics. We introduce (1) a strategy to effectively deploy the Shuffle MTD technique using a virtual machine placement technique, and (2) two strategies to deploy the Diversity MTD technique through operating system diversification. As deploying the Diversity technique incurs costs, we formulate the optimal diversity assignment problem (O-DAP), and solve it as a binary linear programming model to obtain the assignment that maximizes the expected net benefit.
doi_str_mv 10.1109/TETC.2022.3155272
format Article
fullrecord <record><control><sourceid>proquest_ESBDL</sourceid><recordid>TN_cdi_crossref_primary_10_1109_TETC_2022_3155272</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9733785</ieee_id><sourcerecordid>2747610712</sourcerecordid><originalsourceid>FETCH-LOGICAL-c336t-381e8c59e25bc673749e25ef004e24c879ef97f4ab10c4c618096d65c8f49ea83</originalsourceid><addsrcrecordid>eNpNkEtLw0AUhQdRsGh_gLgZcJ06j8xrKTU-oOLCuJRhOr3TprSZOkkK_fcmtoh3c-_iO-ceDkI3lEwoJea-LMrphBHGJpwKwRQ7QyNGpc6kEuT8332Jxk2zJv1oKo1UI_RV7N2mc21VL3G7AvwBvktVe8CuXuDCxzpuK4-LEMC3DY4Bv8X9wJYuLaHFjxCgbgCX4Fd19d1Bz9S_RtNN7BbX6CK4TQPj075Cn0991pds9v78On2YZZ5z2WZcU9BeGGBi7qXiKh9OCITkwHKvlYFgVMjdnBKfe0k1MXIhhdehJ53mV-ju6LtLcQjR2nXsUt2_tEzlSlKiKOspeqR8ik2TINhdqrYuHSwldijSDkXaoUh7KrLX3B41FQD88UZxrrTgP8F4bgA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2747610712</pqid></control><display><type>article</type><title>Evaluating the Security and Economic Effects of Moving Target Defense Techniques on the Cloud</title><source>IEEE Open Access Journals</source><creator>Alavizadeh, Hooman ; Aref, Samin ; Kim, Dong Seong ; Jang-Jaccard, Julian</creator><creatorcontrib>Alavizadeh, Hooman ; Aref, Samin ; Kim, Dong Seong ; Jang-Jaccard, Julian</creatorcontrib><description>Moving Target Defense (MTD) is a proactive security mechanism that changes the attack surface with the aim of confusing attackers. Cloud computing leverages MTD techniques to enhance the cloud security posture against cyber threats. While many MTD techniques have been applied to cloud computing, there has so far been no joint evaluation of the effectiveness of MTD techniques with respect to security and economic metrics. In this paper, we first introduce mathematical definitions for the combination of three MTD techniques: Shuffle, Diversity, and Redundancy. Then, we utilize four security metrics - namely, system risk, attack cost, return on attack, and reliability - to assess the effectiveness of the combined MTD techniques applied to large-scale cloud models. Second, we focus on a specific context based on a cloud model for e-health applications to evaluate the effectiveness of the MTD techniques using security and economic metrics. We introduce (1) a strategy to effectively deploy the Shuffle MTD technique using a virtual machine placement technique, and (2) two strategies to deploy the Diversity MTD technique through operating system diversification. As deploying the Diversity technique incurs costs, we formulate the optimal diversity assignment problem (O-DAP), and solve it as a binary linear programming model to obtain the assignment that maximizes the expected net benefit.</description><identifier>ISSN: 2168-6750</identifier><identifier>EISSN: 2168-6750</identifier><identifier>DOI: 10.1109/TETC.2022.3155272</identifier><identifier>CODEN: ITETBT</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Biological system modeling ; Cloud computing ; Costs ; Cybersecurity ; diversity ; Diversity reception ; Economic impact ; economic metrics ; Effectiveness ; Evaluation ; Linear programming ; Measurement ; Moving targets ; optimization ; Redundancy ; Reliability analysis ; Security ; security analysis ; shuffle ; Virtual environments</subject><ispartof>IEEE transactions on emerging topics in computing, 2022-10, Vol.10 (4), p.1772-1788</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2022</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c336t-381e8c59e25bc673749e25ef004e24c879ef97f4ab10c4c618096d65c8f49ea83</citedby><cites>FETCH-LOGICAL-c336t-381e8c59e25bc673749e25ef004e24c879ef97f4ab10c4c618096d65c8f49ea83</cites><orcidid>0000-0002-0033-6706 ; 0000-0002-1002-057X ; 0000-0003-2605-187X ; 0000-0002-5870-9253</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9733785$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,796,27633,27924,27925,54758,54933</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9733785$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Alavizadeh, Hooman</creatorcontrib><creatorcontrib>Aref, Samin</creatorcontrib><creatorcontrib>Kim, Dong Seong</creatorcontrib><creatorcontrib>Jang-Jaccard, Julian</creatorcontrib><title>Evaluating the Security and Economic Effects of Moving Target Defense Techniques on the Cloud</title><title>IEEE transactions on emerging topics in computing</title><addtitle>TETC</addtitle><description>Moving Target Defense (MTD) is a proactive security mechanism that changes the attack surface with the aim of confusing attackers. Cloud computing leverages MTD techniques to enhance the cloud security posture against cyber threats. While many MTD techniques have been applied to cloud computing, there has so far been no joint evaluation of the effectiveness of MTD techniques with respect to security and economic metrics. In this paper, we first introduce mathematical definitions for the combination of three MTD techniques: Shuffle, Diversity, and Redundancy. Then, we utilize four security metrics - namely, system risk, attack cost, return on attack, and reliability - to assess the effectiveness of the combined MTD techniques applied to large-scale cloud models. Second, we focus on a specific context based on a cloud model for e-health applications to evaluate the effectiveness of the MTD techniques using security and economic metrics. We introduce (1) a strategy to effectively deploy the Shuffle MTD technique using a virtual machine placement technique, and (2) two strategies to deploy the Diversity MTD technique through operating system diversification. As deploying the Diversity technique incurs costs, we formulate the optimal diversity assignment problem (O-DAP), and solve it as a binary linear programming model to obtain the assignment that maximizes the expected net benefit.</description><subject>Biological system modeling</subject><subject>Cloud computing</subject><subject>Costs</subject><subject>Cybersecurity</subject><subject>diversity</subject><subject>Diversity reception</subject><subject>Economic impact</subject><subject>economic metrics</subject><subject>Effectiveness</subject><subject>Evaluation</subject><subject>Linear programming</subject><subject>Measurement</subject><subject>Moving targets</subject><subject>optimization</subject><subject>Redundancy</subject><subject>Reliability analysis</subject><subject>Security</subject><subject>security analysis</subject><subject>shuffle</subject><subject>Virtual environments</subject><issn>2168-6750</issn><issn>2168-6750</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNpNkEtLw0AUhQdRsGh_gLgZcJ06j8xrKTU-oOLCuJRhOr3TprSZOkkK_fcmtoh3c-_iO-ceDkI3lEwoJea-LMrphBHGJpwKwRQ7QyNGpc6kEuT8332Jxk2zJv1oKo1UI_RV7N2mc21VL3G7AvwBvktVe8CuXuDCxzpuK4-LEMC3DY4Bv8X9wJYuLaHFjxCgbgCX4Fd19d1Bz9S_RtNN7BbX6CK4TQPj075Cn0991pds9v78On2YZZ5z2WZcU9BeGGBi7qXiKh9OCITkwHKvlYFgVMjdnBKfe0k1MXIhhdehJ53mV-ju6LtLcQjR2nXsUt2_tEzlSlKiKOspeqR8ik2TINhdqrYuHSwldijSDkXaoUh7KrLX3B41FQD88UZxrrTgP8F4bgA</recordid><startdate>20221001</startdate><enddate>20221001</enddate><creator>Alavizadeh, Hooman</creator><creator>Aref, Samin</creator><creator>Kim, Dong Seong</creator><creator>Jang-Jaccard, Julian</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0002-0033-6706</orcidid><orcidid>https://orcid.org/0000-0002-1002-057X</orcidid><orcidid>https://orcid.org/0000-0003-2605-187X</orcidid><orcidid>https://orcid.org/0000-0002-5870-9253</orcidid></search><sort><creationdate>20221001</creationdate><title>Evaluating the Security and Economic Effects of Moving Target Defense Techniques on the Cloud</title><author>Alavizadeh, Hooman ; Aref, Samin ; Kim, Dong Seong ; Jang-Jaccard, Julian</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c336t-381e8c59e25bc673749e25ef004e24c879ef97f4ab10c4c618096d65c8f49ea83</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Biological system modeling</topic><topic>Cloud computing</topic><topic>Costs</topic><topic>Cybersecurity</topic><topic>diversity</topic><topic>Diversity reception</topic><topic>Economic impact</topic><topic>economic metrics</topic><topic>Effectiveness</topic><topic>Evaluation</topic><topic>Linear programming</topic><topic>Measurement</topic><topic>Moving targets</topic><topic>optimization</topic><topic>Redundancy</topic><topic>Reliability analysis</topic><topic>Security</topic><topic>security analysis</topic><topic>shuffle</topic><topic>Virtual environments</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Alavizadeh, Hooman</creatorcontrib><creatorcontrib>Aref, Samin</creatorcontrib><creatorcontrib>Kim, Dong Seong</creatorcontrib><creatorcontrib>Jang-Jaccard, Julian</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE transactions on emerging topics in computing</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Alavizadeh, Hooman</au><au>Aref, Samin</au><au>Kim, Dong Seong</au><au>Jang-Jaccard, Julian</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Evaluating the Security and Economic Effects of Moving Target Defense Techniques on the Cloud</atitle><jtitle>IEEE transactions on emerging topics in computing</jtitle><stitle>TETC</stitle><date>2022-10-01</date><risdate>2022</risdate><volume>10</volume><issue>4</issue><spage>1772</spage><epage>1788</epage><pages>1772-1788</pages><issn>2168-6750</issn><eissn>2168-6750</eissn><coden>ITETBT</coden><abstract>Moving Target Defense (MTD) is a proactive security mechanism that changes the attack surface with the aim of confusing attackers. Cloud computing leverages MTD techniques to enhance the cloud security posture against cyber threats. While many MTD techniques have been applied to cloud computing, there has so far been no joint evaluation of the effectiveness of MTD techniques with respect to security and economic metrics. In this paper, we first introduce mathematical definitions for the combination of three MTD techniques: Shuffle, Diversity, and Redundancy. Then, we utilize four security metrics - namely, system risk, attack cost, return on attack, and reliability - to assess the effectiveness of the combined MTD techniques applied to large-scale cloud models. Second, we focus on a specific context based on a cloud model for e-health applications to evaluate the effectiveness of the MTD techniques using security and economic metrics. We introduce (1) a strategy to effectively deploy the Shuffle MTD technique using a virtual machine placement technique, and (2) two strategies to deploy the Diversity MTD technique through operating system diversification. As deploying the Diversity technique incurs costs, we formulate the optimal diversity assignment problem (O-DAP), and solve it as a binary linear programming model to obtain the assignment that maximizes the expected net benefit.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/TETC.2022.3155272</doi><tpages>17</tpages><orcidid>https://orcid.org/0000-0002-0033-6706</orcidid><orcidid>https://orcid.org/0000-0002-1002-057X</orcidid><orcidid>https://orcid.org/0000-0003-2605-187X</orcidid><orcidid>https://orcid.org/0000-0002-5870-9253</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 2168-6750
ispartof IEEE transactions on emerging topics in computing, 2022-10, Vol.10 (4), p.1772-1788
issn 2168-6750
2168-6750
language eng
recordid cdi_crossref_primary_10_1109_TETC_2022_3155272
source IEEE Open Access Journals
subjects Biological system modeling
Cloud computing
Costs
Cybersecurity
diversity
Diversity reception
Economic impact
economic metrics
Effectiveness
Evaluation
Linear programming
Measurement
Moving targets
optimization
Redundancy
Reliability analysis
Security
security analysis
shuffle
Virtual environments
title Evaluating the Security and Economic Effects of Moving Target Defense Techniques on the Cloud
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-23T19%3A31%3A32IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_ESBDL&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Evaluating%20the%20Security%20and%20Economic%20Effects%20of%20Moving%20Target%20Defense%20Techniques%20on%20the%20Cloud&rft.jtitle=IEEE%20transactions%20on%20emerging%20topics%20in%20computing&rft.au=Alavizadeh,%20Hooman&rft.date=2022-10-01&rft.volume=10&rft.issue=4&rft.spage=1772&rft.epage=1788&rft.pages=1772-1788&rft.issn=2168-6750&rft.eissn=2168-6750&rft.coden=ITETBT&rft_id=info:doi/10.1109/TETC.2022.3155272&rft_dat=%3Cproquest_ESBDL%3E2747610712%3C/proquest_ESBDL%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2747610712&rft_id=info:pmid/&rft_ieee_id=9733785&rfr_iscdi=true