|Understanding and quantifying the impact of moving target defenses on computer networks|
The goal of this research is to understand and quantify the potential and limitations of moving-target defense (MTD) systems to protect computer networks against the use of general vulnerability exploits to gain unauthorized access. To achieve this goal, we plan to create (1) a set of analytical models to quantify the effectiveness of MTD systems, and (2) a proof-of-concept MTD system that will automatically adapt multiple aspects of the network’s logical and physical configuration. Key research questions we plan to address include
To understand MTD systems, we will design mathematical models to capture key adaptability parameters of MTD systems, which include the frequency, size, and type of adaptivity exhibited by the MTD. We will investigate stochastic modeling to understand the effect of adaptability parameters on attack success likelihood. We plan to answer the questions
To validate our models, we will develop a proof-of-concept MTD that explicitly models the system’s mission/security goals and maps them to network resources. We will leverage our current research in reasoning under uncertainty to study the benefits of triggering MTDs based on real-time observations indicating transient risks as well as inherent risks.
Dates: 4/1/2012 - 3/31/2017
Article in ACM News