Reference : Security Modeling and Analysis of Moving Target Defense in Software Defined Networks
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/52779
Security Modeling and Analysis of Moving Target Defense in Software Defined Networks
English
Rodrigues de Mendonça Neto, Júlio [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX]
Kim, Minjune [The University of Queensland - UQ > School of Information Technology and Electrical Engineering]
Graczyk, Rafal [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX]
Volp, Marcus [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX]
Kim, Dong Seong [The University of Queensland > School of Information Technology and Electrical Engineering]
28-Nov-2022
Yes
International
27th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2022)
28-11-2022 to 1-12-2022
[en] Security ; Moving Target Defense ; Software Defined Networks ; Petri nets
[en] The use of traditional defense mechanisms or intrusion detection systems presents a disadvantage for defenders against attackers since these mechanisms are essentially reactive. Moving target defense (MTD) has emerged as a proactive defense mechanism to reduce this disadvantage by randomly and continuously changing the attack surface of a system to confuse attackers. Although significant progress has been made recently in analyzing the security effectiveness of MTD mechanisms, critical gaps still exist, especially in maximizing security levels and estimating network reconfiguration speed for given attack power. In this paper, we propose a set of Petri Net models and use them to perform a comprehensive evaluation regarding key security metrics of Software-Defined Network (SDN) based systems adopting a time-based MTD mechanism. We evaluate two use-case scenarios considering two different types of attacks to demonstrate the feasibility and applicability of our models. Our analyses showed that a time-based MTD mechanism could reduce the attackers’ speed by at least 78% compared to a system without MTD. Also, in the best-case scenario, it can reduce the attack success probability by about ten times.
Researchers ; Professionals
FnR ; FNR14689454 > Marcus Völp > HERA > Hypervisor-enforced Radiation Tolerance In Multi-core Socs For Space > 01/09/2021 > 31/08/2024 > 2020

File(s) associated to this reference

Fulltext file(s):

File: prdc_pre_print.pdf
Version: Author preprint
Size: 639.81 kB
Access: Limited access


All documents in ORBilu are protected by a user license.