Table of Contents Author Guidelines Submit a Manuscript
Security and Communication Networks
Volume 2018, Article ID 3759626, 25 pages
https://doi.org/10.1155/2018/3759626
Review Article

Moving Target Defense Techniques: A Survey

1China National Digital Switching System Engineering & Technological Research Center, Zhengzhou, Henan Province 450001, China
2Henan Key Laboratory of Information Security, Zhengzhou, Henan Province 450001, China

Correspondence should be addressed to Cheng Lei; moc.liamg@05121gnehciel

Cheng Lei and Hong-Qi Zhang contributed equally to this work.

Received 6 February 2018; Revised 30 May 2018; Accepted 15 July 2018; Published 22 July 2018

Academic Editor: Jesús Díaz-Verdejo

Copyright © 2018 Cheng Lei et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. H. Zhang, W. Han, X. Lai, D. Lin, J. Ma, and J. Li, “Survey on cyberspace security,” Sciene Sinica Informationis, vol. 46, no. 2, pp. 125–164, 2016. View at Google Scholar · View at MathSciNet
  2. X. JinPing, “Overall layout and planning all parties to strive to innovate and develop China into a strong cyberpower,” People's Daily, pp. 2–28, 2014. View at Google Scholar
  3. M. Conti, T. Dargahi, and A. Dehghantanha, “Cyber threat intelligence: challenges and opportunities,” in Cyber Threat Intelligence, vol. 70 of Advances in Information Security, pp. 1–6, Springer International Publishing, Cham, 2018. View at Publisher · View at Google Scholar
  4. S. Jajodia et al., Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, Springer Science & Business Media, 2011.
  5. D. Kramer and W. Karl, “Realizing a proactive, self-optimizing system behavior within adaptive, heterogeneous many-core architectures,” in Proceedings of the 2012 IEEE 6th International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2012, pp. 39–48, France, September 2012. View at Scopus
  6. R. Nee and R. Prasad, OFDM for Wireless Multimedia Communications, Artech House, Inc, 2000.
  7. H. Zhang G, L. C. Li, and M. Tang, “Capability of evolutionary cryptosystems against differential cryptanalysis,” SCIENTIA SINICA Informationis, vol. 43, no. 4, pp. 545–554, 2013. View at Google Scholar
  8. H. Okhravi, W. Streilein, and K. S. Bauer, Moving Target Techniques: Leveraging Uncertainty for Cyber Defense, MIT Lincoln Laboratory Lexington United States, 2015.
  9. W. Jiangxing, “Research on cyber mimic defense,” Journal of Cyber Security, vol. 4, pp. 1–10, 2016. View at Google Scholar
  10. W. Xiao, X.-Y. Chen, and Y.-B. Bao, “Review of research on reconfigurable information security system,” Tien Tzu Hsueh Pao/Acta Electronica Sinica, vol. 45, no. 5, pp. 1240–1248, 2017. View at Google Scholar · View at Scopus
  11. “National cyber leap year summit 2009 co-chirs’ report [EB/OL],” https://www.nitrd.gov/nitrdgroups/index.php?title=National_Cyber_Leap_Year.
  12. “Cybersecurity game-change research & development recommendations [EB/OL],” http://www.nitrd.gov/pubs/CSIA_IWG_%20Cybersecurity_%20GameChange_RD_%20Recommendations_20100513.pdf.
  13. P. K. Manadhata and J. M. Wing, “An attack surface metric,” IEEE Transactions on Software Engineering, vol. 37, no. 3, pp. 371–386, 2011. View at Publisher · View at Google Scholar · View at Scopus
  14. P. K. Manadhata, “Game theoretic approaches to attack surface shifting,” in Moving Target Defense II, vol. 100 of Advances in Information Security, pp. 1–13, Springer, New York, NY, USA, 2013. View at Publisher · View at Google Scholar
  15. Y. Huang and A. K. Ghosh, “Introducing diversity and uncertainty to create moving attack surfaces for web services,” in Moving Target Defense, vol. 54 of Advances in Information Security, pp. 131–151, Springer, New York, NY, USA, 2011. View at Publisher · View at Google Scholar
  16. R. Zhuang, S. A. DeLoach, and X. Ou, “Towards a theory of moving target defense,” in Proceedings of the 1st ACM Workshop on Moving Target Defense (MTD '14)—Co-located with 21st ACM Conference on Computer and Communications Security (CCS '14), pp. 31–40, Scottsdale, Ariz, USA, November 2014. View at Publisher · View at Google Scholar · View at Scopus
  17. R. Zhuang, A. G. Bardas, S. A. DeLoach, and X. Ou, “A theory of cyber attacks: a step towards analyzing mtd systems,” in Proceedings of the 2nd ACM Workshop on Moving Target Defense, MTD 2015, pp. 11–20, USA, 2015. View at Scopus
  18. P. Ammann, D. Wijesekera, and S. Kaushik, “Scalable, graph-based network vulnerability analysis,” in Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 217–224, ACM, Washington, DC, USA, November 2002. View at Scopus
  19. N. Ghosh and S. Ghosh, “An approach for security assessment of network configurations using attack graph,” in Proceedings of the 2009 First International Conference on Networks & Communications, pp. 283–288, Chennai, India, December 2009. View at Publisher · View at Google Scholar
  20. R. Zhuang, S. Zhang, and A. S. DeLoach, “Simulation-based approaches to studying effectiveness of moving-target network defense,” in Proceedings of the National symposium on moving target research, pp. 1–12, 2012.
  21. S. A. DeLoach, X. Ou, R. Zhuang, and S. Zhang, “Model-driven, moving-target defense for enterprise network security,” in Models@run.time, vol. 8378 of Lecture Notes in Computer Science, pp. 137–161, Springer International Publishing, Cham, 2014. View at Publisher · View at Google Scholar
  22. R. Zhuang, S. A. DeLoach, and X. Ou, “A model for analyzing the effect of moving target defenses on enterprise networks,” in Proceedings of the 9th Annual Cyber and Information Security Research Conference (CISRC '14), pp. 73–76, April 2014. View at Publisher · View at Google Scholar · View at Scopus
  23. J. B. Hong and D. S. Kim, “Assessing the effectiveness of moving target defenses using security models,” IEEE Transactions on Dependable and Secure Computing, vol. 13, no. 2, pp. 163–177, 2016. View at Publisher · View at Google Scholar · View at Scopus
  24. J. R. Hamlet and C. C. Lamb, “Dependency graph analysis and moving target defense selection,” in Proceedings of the 2016 ACM Workshop on Moving Target Defense, MTD 2016, pp. 105–116, Austria. View at Scopus
  25. T. Hobson, H. Okhravi, D. Bigelow, R. Rudd, and W. Streilein, “On the challenges of effective movement,” in Proceedings of the the First ACM Workshop, pp. 41–50, Scottsdale, Arizona, USA, November 2014. View at Publisher · View at Google Scholar
  26. H. Okhravi, T. Hobson, D. Bigelow, and W. Streilein, “Finding focus in the blur of moving-target techniques,” IEEE Security & Privacy, vol. 12, no. 2, pp. 16–26, 2014. View at Publisher · View at Google Scholar · View at Scopus
  27. H. Okhravi and H. Shrobe, Moving Target Techniques: Cyber Resilience Throught Randomization, Diversity, and Dynamism, Massachusetts Inst. of Tech. Lexington United States, 2017.
  28. M. Green, D. C. MacFarland, D. R. Smestad, and C. A. Shue, “Characterizing network-based moving target defenses,” in Proceedings of the 2nd ACM Workshop on Moving Target Defense, MTD 2015, pp. 31–35, USA, 2015. View at Scopus
  29. M. Dunlop, S. Groat, W. Urbanski, R. Marchany, and J. Tront, “MT6D: a moving target IPv6 defense,” in Proceedings of the Military Communications Conference (MILCOM '11), pp. 1321–1326, IEEE, Baltimore, Md, USA, November 2011. View at Publisher · View at Google Scholar · View at Scopus
  30. S. Forrest, A. Somayaji, and D. H. Ackley, “Building diverse computer systems,” in Proceedings of the 1997 6th Workshop on Hot Topics in Operating Systems, HOTOS, pp. 67–72, May 1997. View at Scopus
  31. R. Zhuang, S. Zhang, A. Bardas, S. A. DeLoach, X. Ou, and A. Singhal, “Investigating the application of moving target defenses to network security,” in Proceedings of the 2013 6th International Symposium on Resilient Control Systems, ISRCS 2013, pp. 162–169, San Francisco, Calif, USA, August 2013. View at Publisher · View at Google Scholar · View at Scopus
  32. H. Zhou, C. Wu, M. Jiang et al., “Evolving defense mechanism for future network security,” IEEE Communications Magazine, vol. 53, no. 4, pp. 45–51, 2015. View at Publisher · View at Google Scholar · View at Scopus
  33. M. Carvalho, T. C. Eskridge, K. Ferguson-Walter, and N. Paltzer, “MIRA: a support infrastructure for cyber command and control operations,” in Proceedings of the Resilience Week, RSW 2015, pp. 102–107, USA, August 2015. View at Scopus
  34. M. Carvalho, J. M. Bradshaw, L. Bunch et al., “Command and control requirements for moving-target defense,” IEEE Intelligent Systems, vol. 27, no. 3, pp. 79–85, 2012. View at Publisher · View at Google Scholar · View at Scopus
  35. X. Liang and Y. Xiao, “Game theory for network security,” IEEE Communications Surveys & Tutorials, vol. 15, no. 1, pp. 472–486, 2013. View at Publisher · View at Google Scholar · View at Scopus
  36. H. Maleki, S. Valizadeh, W. Koch et al., “Markov modeling of moving target defense games,” Journal of Cryptology, pp. 47–83, 2016. View at Publisher · View at Google Scholar
  37. C. Lei, D.-H. Ma, and H.-Q. Zhang, “Optimal strategy selection for moving target defense based on markov game,” IEEE Access, vol. 5, pp. 156–169, 2017. View at Publisher · View at Google Scholar · View at Scopus
  38. X. Feng, Z. Zheng, P. Mohapatra, and D. Cansever, “A stackelberg game and markov modeling of moving target defense,” in Proceedings of the International Conference on Decision and Game Theory for Security, vol. 10575, pp. 315–335, Springer International Publishing. View at Publisher · View at Google Scholar
  39. Q. Zhu and T. Başar, “Game-theoretic approach to feedback-driven multi-stage moving target defense,” in Proceedings of the International Conference on Decision and Game Theory for Security, vol. 8252, pp. 246–263, Springer International Publishing, 2013.
  40. M. K. Carter, F. J. Riordan, and H. Okhravi, “A game theoretic approach to strategy determination for dynamic platform defenses,” in Proceedings of the First ACM Workshop on Moving Target Defense, pp. 21–30, 2014.
  41. S. Sengupta, G. S. Vadlamudi, S. Kambhampati et al., “A game theoretic approach to strategy generation for moving target defense in web applications,” in Proceedings of the 16th Conference on Autonomous Agents and MultiAgent Systems, pp. 178–186, 2017.
  42. X. Feng, Z. Zheng, D. Cansever, A. Swami, and P. Mohapatra, “A signaling game model for moving target defense,” in Proceedings of the 2017 IEEE Conference on Computer Communications, INFOCOM 2017, USA, May 2017. View at Scopus
  43. P. J. Fleming and R. C. Purshouse, “Evolutionary algorithms in control systems engineering: a survey,” Control Engineering Practice, vol. 10, no. 11, pp. 1223–1241, 2002. View at Publisher · View at Google Scholar · View at Scopus
  44. J. Zabczyk, Mathematical Control Theory: An Introduction, Springer Science & Business Media, Boston, Mass, USA, 2009. View at MathSciNet
  45. E. Alpaydin, Introduction to Machine Learning, MIT press, 2014.
  46. J. Rowe, N. K. Levitt, and T. Demir, “Artificial diversity as maneuvers in a control theoretic moving target defense,” in Proceedings of the National Symposium on Moving Target Research, 2012.
  47. D. M. Adams, D. S. Hitefield, and B. Hoy, “Application of cybernetics and control theory for a new paradigm in cybersecurity,” Cryptography and Security, 2013, arXiv:1311.0257. View at Google Scholar
  48. R. Colbaugh and K. Glass, “Predictability-oriented defense against adaptive adversaries,” in Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics (SMC '12), pp. 2721–2727, October 2012. View at Publisher · View at Google Scholar · View at Scopus
  49. R. Colbaugh and K. Glass, Predictive Moving Target Defense, United States,, Sandia National Laboratories (SNL-NM), Albuquerque, NM, USA, 2012.
  50. R. Zheng, W. Lu, and S. Xu, “Preventive and reactive cyber defense dynamics is globally stable,” IEEE Transactions on Network Science and Engineering, 2017. View at Publisher · View at Google Scholar · View at Scopus
  51. E. Mayr and W. B. Provine, The Evolutionary Synthesis: Perspectives on the Unification of Biology, Harvard University Press, 1998. View at Publisher · View at Google Scholar
  52. M. Crouse, W. E. Fulp, and D. Canas, “Improving the diversity defense of genetic algorithm-based moving target approaches,” in Proceedings of the National Symposium on Moving Target Research, 2012.
  53. D. J. John, R. W. Smith, W. H. Turkett, D. A. Cañas, and E. W. Fulp, “Evolutionary based moving target cyber defense,” in Proceedings of the 16th Genetic and Evolutionary Computation Conference, GECCO 2014, pp. 1261–1268, Canada, July 2014. View at Scopus
  54. L. M. Winterrose and K. M. Carter, “Strategic evolution of adversaries against temporal platform diversity active cyber defenses,” in Proceedings of the 2014 Symposium on Agent Directed Simulation, 9 pages, 2014.
  55. S. Bitam, S. Zeadally, and A. Mellouk, “Bio-inspired cybersecurity for wireless sensor networks,” IEEE Communications Magazine, vol. 54, no. 6, pp. 68–74, 2016. View at Publisher · View at Google Scholar · View at Scopus
  56. D. Kewley, R. Fink, J. Lowry, and M. Dean, “Dynamic approaches to thwart adversary intelligence gathering,” in Proceedings of the DARPA Information Survivability Conference and Exposition II, DISCEX 2001, pp. 176–185, Anaheim, Calif, USA, June 2001. View at Publisher · View at Google Scholar · View at Scopus
  57. S. Antonatos, P. Akritidis, E. P. Markatos, and K. G. Anagnostakis, “Defending against hitlist worms using network address space randomization,” Computer Networks, vol. 51, no. 12, pp. 3471–3490, 2007. View at Publisher · View at Google Scholar · View at Scopus
  58. L.-Y. Shi, C.-F. Jia, and S.-W. Lu, “Research on end hopping for active network confrontation,” Tongxin Xuebao/Journal on Communication, vol. 29, no. 2, pp. 106–110, 2008. View at Google Scholar · View at Scopus
  59. K. Lin, C.-F. Jia, and L.-Y. Shi, “Improvement of distributed timestamp synchronization,” Tongxin Xuebao/Journal on Communication, vol. 33, no. 10, pp. 110–116, 2012. View at Google Scholar · View at Scopus
  60. Y.-B. Luo, B.-S. Wang, X.-F. Wang, and B.-F. Zhang, “A keyed-hashing based self-synchronization mechanism for port address hopping communication,” Frontiers of Information Technology and Electronic Engineering, vol. 18, no. 5, pp. 719–728, 2017. View at Publisher · View at Google Scholar · View at Scopus
  61. G. Badishi, A. Herzberg, and I. Keidar, “Keeping denial-of-service attackers in the dark,” IEEE Transactions on Dependable and Secure Computing, vol. 4, no. 3, pp. 191–204, 2007. View at Publisher · View at Google Scholar · View at Scopus
  62. M. Dunlop, S. Groat, W. Urbanski, R. Marchany, and J. Tront, “The blind Man's bluff approach to security using IPv6,” IEEE Security & Privacy, vol. 10, no. 4, pp. 35–43, 2012. View at Publisher · View at Google Scholar · View at Scopus
  63. S. Debroy, P. Calyam, M. Nguyen, A. Stage, and V. Georgiev, “Frequency-minimal moving target defense using software-defined networking,” in Proceedings of the 2016 International Conference on Computing, Networking and Communications (ICNC), pp. 1–6, Kauai, HI, USA, Feburary 2016. View at Publisher · View at Google Scholar
  64. E Al-Shaer, Q. Duan, and J. H. Jafarian, “Random host mutation for moving target defense,” in Proceeding of the SecureComm, pp. 310–327, 2012.
  65. J. H. Jafarian, E. Al-Shaer, and Q. Duan, “Openflow random host mutation: transparent moving target defense using software defined networking,” in Proceedings of the 1st Workshop on Hot Topics in Software Defined Networks (HotSDN '12), pp. 127–132, ACM, Helsinki, Finland, August 2012. View at Publisher · View at Google Scholar · View at Scopus
  66. D. C. MacFarland and C. A. Shue, “The SDN shuffle: creating a moving-target defense using host-based software-defined networking,” in Proceedings of the 2nd ACM Workshop on Moving Target Defense, MTD 2015, pp. 37–41, USA, 2015. View at Scopus
  67. R. Skowyra, K. Bauer, V. Dedhia, and H. Okhravi, “Have No PHEAR: networks without identifiers,” in Proceedings of the 2016 ACM Workshop on Moving Target Defense, MTD 2016, pp. 3–14, Austria, 2016. View at Scopus
  68. J. Sun and K. Sun, “DESIR: decoy-enhanced seamless IP randomization,” in Proceedings of the 35th Annual IEEE International Conference on Computer Communications, IEEE INFOCOM 2016, pp. 1–9, April 2016. View at Publisher · View at Google Scholar · View at Scopus
  69. J. H. H. Jafarian, E. Al-Shaer, and Q. Duan, “Spatio-temporal address mutation for proactive cyber agility against sophisticated attackers,” in Proceedings of the 1st ACM Workshop on Moving Target Defense (MTD '14), pp. 69–78, Scottsdale, AZ, USA, November 2014. View at Publisher · View at Google Scholar
  70. J. H. Jafarian, E. Al-Shaer, and Q. Duan, “Adversary-aware IP address randomization for proactive agility against sophisticated attackers,” in Proceedings of the 34th IEEE Annual Conference on Computer Communications and Networks, IEEE INFOCOM 2015, pp. 738–746, Hong Kong, May 2015. View at Scopus
  71. C. Lei, H.-Q. Zhang, D.-H. Ma, and Y.-J. Yang, “Network moving target defense technique based on self-adaptive end-point hopping,” Arabian Journal for Science and Engineering, vol. 42, no. 8, pp. 3249–3262, 2017. View at Publisher · View at Google Scholar · View at Scopus
  72. L. Cheng, M. Duo-He, Z. HongQi, Y. YingJie, and W. Li-Ming, “Moving target defense technique based on network attack surface self-adaptive mutation,” Chinese Journal of Computers, vol. 40, no. 130, 2017. View at Google Scholar
  73. S. Dolev and S. T. David, “SDN-based private interconnection,” in Proceedings of the 2014 13th IEEE International Symposium on Network Computing and Applications, NCA 2014, pp. 129–136, USA, August 2014. View at Scopus
  74. A. Aseeri, N. Netjinda, and R. Hewett, “Alleviating eavesdropping attacks in software-defined networking data plane,” in Proceedings of the 12th Annual Cyber and Information Security Research Conference, CISRC 2017, USA, April 2017. View at Scopus
  75. R. Safavi-Naini, A. Poostindouz, and V. Lisy, “Path hopping,” in Proceedings of the the 2017 Workshop, pp. 111–114, Dallas, TX, USA, October 2017. View at Publisher · View at Google Scholar
  76. Q. Duan, E. Al-Shaer, and H. Jafarian, “Efficient random route mutation considering flow and network constraints,” in Proceedings of the 1st IEEE International Conference on Communications and Network Security (CNS '13), pp. 260–268, October 2013. View at Publisher · View at Google Scholar · View at Scopus
  77. J. Jafarian, E. Al-Shaer, and Q. Duan, “Formal approach for route agility against persistent attackers,” in Computer Security—ESORICS 2013, J. Crampton, S. Jajodia, and K. Mayes, Eds., vol. 8134 of Lecture Notes in Computer Science, pp. 237–254, Springer, Berlin, Germany, 2013. View at Publisher · View at Google Scholar
  78. F. Gillani, E. Al-Shaer, S. Lo, Q. Duan, M. Ammar, and E. Zegura, “Agile virtualized infrastructure to proactively defend against cyber attacks,” in Proceedings of the 34th IEEE Annual Conference on Computer Communications and Networks, IEEE INFOCOM 2015, pp. 729–737, May 2015. View at Publisher · View at Google Scholar · View at Scopus
  79. Q. Wang, F. Xiao, M. Zhou et al., “Mitigating link-flooding attacks with active link obfuscation,” Networking and Internet Architecture, 2017, arXiv:1703.09521. View at Google Scholar
  80. M. Chew and D. Song, “Mitigating buffer overflows by operating system randomization,” Technical Report CMU-CS-02-197, 2002.
  81. G. S. Kc, A. D. Keromytis, and V. Prevelakis, “Countering code-injection attacks with instruction-set randomization,” in Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, pp. 272–280, USA, October 2003. View at Scopus
  82. L. Li, J. Just, and R. Sekar, “Address-space randomization for windows systems,” in Proceedings of the 2006 22nd Annual Computer Security Applications Conference (ACSAC'06), pp. 329–338, Miami Beach, FL, USA, December 2006. View at Publisher · View at Google Scholar
  83. E. G. Barrantes, T. S. Palmer, D. H. Ackley, D. Stefanović, S. Forrest, and D. D. Zovi, “Randomized instruction set emulation to disrupt binary code injection attacks,” in Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, pp. 281–289, USA, October 2003. View at Scopus
  84. C. Cowan, S. Beattie, and J. Johansen, “Pointguard TM: protecting pointers from buffer overflow vulnerabilities,” in Proceedings of the 12th conference on USENIX Security Symposium, vol. 12, pp. 91–104, 2003.
  85. S. Bhatkar and R. Sekar, “Data space randomization,” in Proceedings of the DIMVA, pp. 1–22, 2008.
  86. T. Roeder and F. B. Schneider, “Proactive obfuscation,” ACM Transactions on Computer Systems, vol. 28, no. 2, 2010. View at Google Scholar · View at Scopus
  87. B. Salamat, A. Gal, and M. Franz, “Reverse stack execution in a multi-variant execution environment,” in Proceedings of the Workshop on Compiler and Architectural Techniques for Application Reliability and Security, pp. 1–7, 2008.
  88. T. Jackson, C. Wimmer, and M. Franz, “Multi-variant program execution for vulnerability detection and analysis,” in Proceedings of the the Sixth Annual Workshop, pp. 1–38, Oak Ridge, Tennessee, April 2010. View at Publisher · View at Google Scholar
  89. T. Jackson, A. Homescu, S. Crane, P. Larsen, S. Brunthaler, and M. Franz, “Diversifying the software stack using randomized NOP insertion,” in Moving Target Defense II, vol. 100 of Advances in Information Security, pp. 151–173, Springer, New York, NY, USA, 2013. View at Publisher · View at Google Scholar
  90. A. J. O'Donnell and H. Sethu, “On achieving software diversity for improved network security using distributed coloring algorithms,” in Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS 2004, pp. 121–131, USA, October 2004. View at Scopus
  91. M. Azab, R. Hassan, and M. Eltoweissy, “ChameleonSoft: a moving target defense system,” in Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing, ColiaborateCom 2011, pp. 241–250, USA, October 2011. View at Scopus
  92. L. V. Davi, A. Dmitrienko, S. Nürnberger, and A.-R. Sadeghi, “Gadge me if you can: secure and efficient ad-hoc instruction-level randomization for x86 and ARM,” in Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS 2013, pp. 299–310, China, May 2013. View at Scopus
  93. A. Gupta, S. Kerr, M. S. Kirkpatrick, and E. Bertino, “Marlin: a fine grained randomization approach to defend against ROP attacks,” in Proceedings of the International Conference on Network and System Security, vol. 7873, pp. 293–306, Springer Berlin Heidelberg, 2013.
  94. S. Vikram, C. Yang, and G. Gu, “NOMAD: towards non-intrusive moving-target defense against web bots,” in Proceedings of the 1st IEEE International Conference on Communications and Network Security, CNS 2013, pp. 55–63, USA, October 2013. View at Scopus
  95. M. Christodorescu, M. Fredrikson, S. Jha, and J. Giffin, “End-to-end software diversification of internet services,” in Moving Target Defense, vol. 54 of Advances in Information Security, pp. 117–130, Springer, New York, NY, USA, 2011. View at Publisher · View at Google Scholar
  96. P. Beraud, A. Cruz, S. Hassell, and S. Meadows, “Using cyber maneuver to improve network resiliency,” in Proceedings of the 2011 IEEE Military Communications Conference, MILCOM 2011, pp. 1121–1126, USA, November 2011. View at Scopus
  97. P. Beraud, A. Cruz, S. Hassell, J. Sandoval, and J. J. Wiley, “Cyber defense network maneuver commander,” in Proceedings of the 44th Annual 2010 IEEE International Carnahan Conference on Security Technology, ICCST 2010, pp. 112–120, USA, October 2010. View at Scopus
  98. M. Atighetchi, P. Pal, F. Webber, R. Schantz, C. Jones, and J. Loyall, “Adaptive cyberdefense for survival and intrusion tolerance,” IEEE Internet Computing, vol. 8, no. 6, pp. 25–33, 2004. View at Publisher · View at Google Scholar · View at Scopus
  99. W. Nelson, W. Farrell, M. Atighetchi et al., “APOD experiment 2: final report,” BBN Technologies LLC, Technical Memorandum, vol. 1326, 2002. View at Google Scholar
  100. P. Pal, R. Schantz, A. Paulos, J. Regehr, and M. Hibler, “Advanced adaptive application (A3) environment: initial experience,” in Proceedings of the Middleware 2011 Industry Track: Part of the ACM/IFIP/USENIX International Middleware Conference, Middleware'11, 5 pages, Portugal, December 2011. View at Scopus
  101. A. Paulos, P. Pal, R. Schantz, and B. Benyo, “Moving target defense (MTD) in an adaptive execution environment,” in Proceedings of the the Eighth Annual Cyber Security and Information Intelligence Research Workshop, Oak Ridge, Tenn, USA, January 2013. View at Publisher · View at Google Scholar
  102. P. Pal, R. Schantz, A. Paulos, and B. Benyo, “Managed execution environment as a moving-target defense infrastructure,” IEEE Security & Privacy, vol. 12, no. 2, pp. 51–59, 2014. View at Google Scholar · View at Scopus
  103. H. Okhravi, I. E. Robinson, S. Yannalfo et al., “Talent: dynamic platform heterogeneity for cyber survivability of mission critical applications,” in Proceedings of the Secure and Resilient Cyber Architecture Conference (SRCA'10), 2010.
  104. J. Yackoski, P. Xie, H. Bullen, J. Li, and K. Sun, “A self-shielding dynamic network architecture,” in Proceedings of the 2011 IEEE Military Communications Conference, MILCOM 2011, pp. 1381–1386, USA, November 2011. View at Scopus
  105. J. Yackoski, H. Bullen, X. Yu, and J. Li, “Applying self-shielding dynamics to the network architecture,” in Moving Target Defense II, vol. 100 of Advances in Information Security, pp. 97–115, Springer, New York, NY, USA, 2013. View at Publisher · View at Google Scholar
  106. D. Evans, A. Nguyen-Tuong, and J. Knight, “Effectiveness of moving target defenses,” in Moving Target Defense, vol. 54 of Advances in Information Security, pp. 29–48, Springer, New York, NY, USA, 2011. View at Publisher · View at Google Scholar
  107. B. Van Leeuwen, W. Stout, and V. Urias, “MTD assessment framework with cyber attack modeling,” in Proceedings of the 50th Annual IEEE International Carnahan Conference on Security Technology, ICCST 2016, USA, October 2016. View at Scopus
  108. M. Torgerson, Security Metrics for Communication Systems, 12th ICCRTS, Newport, RI, USA, 2007.
  109. B. Van Leeuwen, W. M. S. Stout, and V. Urias, “Operational cost of deploying moving target defenses defensive work factors,” in Proceedings of the 34th Annual IEEE Military Communications Conference, MILCOM 2015, pp. 966–971, USA, October 2015. View at Scopus
  110. J. Zheng and A. S. Namin, “The impact of address changes and host diversity on the effectiveness of moving target defense strategy,” in Proceedings of the 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC), pp. 553–558, Atlanta, GA, USA, June 2016. View at Publisher · View at Google Scholar
  111. Y. Han, W. Lu, and S. Xu, “Characterizing the power of moving target defense via cyber epidemic dynamics,” in Proceedings of the the 2014 Symposium and Bootcamp, pp. 1–12, Raleigh, North Carolina, April 2014. View at Publisher · View at Google Scholar
  112. T. E. Carroll, M. Crouse, E. W. Fulp, and K. S. Berenhaut, “Analysis of network address shuffling as a moving target defense,” in Proceedings of the 1st IEEE International Conference on Communications (ICC '14), pp. 701–706, IEEE, Sydney, Australia, June 2014. View at Publisher · View at Google Scholar · View at Scopus
  113. A. Prakash and M. P. Wellman, “Empirical game-theoretic analysis for moving target defense,” in Proceedings of the 2nd ACM Workshop on Moving Target Defense (MTD '15), pp. 57–65, 2015. View at Publisher · View at Google Scholar · View at Scopus
  114. G. S. Bopche and B. M. Mehtre, “Graph similarity metrics for assessing temporal changes in attack surface of dynamic networks,” Computers & Security, vol. 64, pp. 16–43, 2017. View at Publisher · View at Google Scholar · View at Scopus
  115. J. Xu, P. Guo, M. Zhao, R. F. Erbacher, M. Zhu, and P. Liu, “Comparing different moving target defense techniques,” in Proceedings of the 1st ACM Workshop on Moving Target Defense (MTD '14), pp. 97–107, ACM, Scottsdale, Ariz, USA, 2014. View at Publisher · View at Google Scholar · View at Scopus
  116. K. Zaffarano, J. Taylor, and S. Hamilton, “A quantitative framework for moving target defense effectiveness evaluation,” in Proceedings of the 2nd ACM Workshop on Moving Target Defense, MTD 2015, pp. 3–10, USA. View at Scopus
  117. C. Lei, D.-h. Ma, H.-q. Zhang, and L.-m. Wang, “Moving target network defense effectiveness evaluation based on change-point detection,” Mathematical Problems in Engineering, vol. 2016, Article ID 6391502, 11 pages, 2016. View at Publisher · View at Google Scholar
  118. J. Taylor, K. Zaffarano, B. Koller, C. Bancroft, and J. Syversen, “Automated effectiveness evaluation of moving target defenses: metrics for missions and attacks,” in Proceedings of the 2016 ACM Workshop on Moving Target Defense, MTD 2016, pp. 129–134, Austria. View at Scopus
  119. T. C. Eskridge, M. Carvalho, E. Stoner, T. Toggweiler, and A. Granados, “VINE: a cyber emulation environment for MTD experimentation,” in Proceedings of the 2nd ACM Workshop on Moving Target Defense, MTD 2015, pp. 43–47, USA. View at Scopus
  120. M. Atighetchi, B. Simidchieva, M. Carvalho, and D. Last, “Experimentation support for cyber security evaluations,” in Proceedings of the 11th Annual Cyber and Information Security Research Conference, CISRC 2016, USA, April 2016. View at Scopus
  121. Q. Jia, K. Sun, and A. Stavrou, “MOTAG: moving target defense against internet denial of service attacks,” in Proceedings of the 2013 IEEE 2013 22nd International Conference on Computer Communication and Networks, ICCCN 2013, Bahamas, Caribbean, August 2013. View at Scopus
  122. H. Wang, Q. Jia, D. Fleck, W. Powell, F. Li, and A. Stavrou, “A moving target DDoS defense mechanism,” Computer Communications, vol. 46, pp. 10–21, 2014. View at Publisher · View at Google Scholar · View at Scopus
  123. Q. Jia, H. Wang, D. Fleck, F. Li, A. Stavrou, and W. Powell, “Catch me if you can: a cloud-enabled DDoS defense,” in Proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014, pp. 264–275, USA, June 2014. View at Scopus
  124. A. Chowdhary, S. Pisharody, and D. Huang, “SDN based scalable MTD solution in cloud network,” in Proceedings of the 2016 ACM Workshop on Moving Target Defense, MTD 2016, pp. 27–36, Austria. View at Scopus
  125. S. Pisharody, J. Natarajan, A. Chowdhary, A. Alshalan, and D. Huang, “Brew: a security policy analysis framework for distributed SDN-based cloud environments,” IEEE Transactions on Dependable and Secure Computing, 2017. View at Google Scholar · View at Scopus
  126. V. Heydari, S.-I. Kim, and S.-M. Yoo, “Anti-censorship framework using mobile IPv6 based moving target defense,” in Proceedings of the 11th Annual Cyber and Information Security Research Conference, CISRC 2016, USA, April 2016. View at Scopus
  127. V. Heydari, S.-I. Kim, and S.-M. Yoo, “Scalable anti-censorship framework using moving target defense for web servers,” IEEE Transactions on Information Forensics and Security, vol. 12, no. 5, pp. 1113–1124, 2017. View at Publisher · View at Google Scholar · View at Scopus
  128. G. A. Fink and C. S. Oehmen, “Final report for bio-inspired approaches to moving-target defense strategies,” Tech. Rep. PNNL-21854, Pacific Northwest National Laboratory (PNNL), Richland, WA, USA, 2012. View at Publisher · View at Google Scholar
  129. M. H. Almeshekah and E. H. Spafford, “Cyber security deception,” Cyber Deception: Building the Scientific Foundation, pp. 23–50, 2016. View at Google Scholar · View at Scopus
  130. A. Shameli Sendi, Y. Jarraya, M. Pourzandi, and M. Cheriet, “Efficient provisioning of security service function chaining using network security defense patterns,” IEEE Transactions on Services Computing, pp. 1–1, 2017. View at Publisher · View at Google Scholar
  131. K. Z. Snow, F. Monrose, L. Davi, A. Dmitrienko, C. Liebchen, and A.-R. Sadeghi, “Just-in-time code reuse: on the effectiveness of fine-grained address space layout randomization,” in Proceedings of the 34th IEEE Symposium on Security and Privacy, SP 2013, pp. 574–588, USA, May 2013. View at Scopus