
Stochastic Model-based Quantitative Effectiveness Analysis Of Moving Target Defense

Posted on: 2022-08-16
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Z Chen
Full Text: PDF
GTID: 1488306560490064
Subject: Information security

Abstract/Summary:
The contest between adversaries and defenders in cyberspace never stops. Owing to the static properties of information systems, adversaries always have the upper hand in terms of time, so they can gather enough information about the target system before launching an attack. It is therefore becoming increasingly hard for traditional security mechanisms such as IDS, firewalls and anti-virus to withstand new forms of threats. To eliminate this disadvantage for defenders, the concept of Moving Target Defense (MTD) has been proposed as a game changer: it offers a proactive defense by creating asymmetric uncertainty about the target system to confuse adversaries. To do this, MTD continuously changes the attack surface of the system, reduces the attacker's chance of grasping information about the protected system, and accordingly reduces the probability of successful attacks.

In the past few years, various MTD techniques focusing on one or more aspects of system parameters have been proposed. In the meantime, there have also been some studies analyzing the effectiveness of MTD. Note that, while presenting a variable and unpredictable attack surface to adversaries, MTD also brings extra computational overhead and, more importantly, affects the jobs running on the target system. It is therefore valuable to study the overall impact of MTD techniques from the perspective of the jobs, which has always been ignored in current research. This thesis focuses on the quantitative evaluation of the effectiveness, the performance and the system survivability impact of moving target defense. For different analysis scenarios, we propose four evaluation solutions as follows:

1. From the perspective of the running process of a preemptive-repeat job, we propose a quantitative effectiveness analysis method for MTD based on a discrete-time Markov chain (DTMC) model. Due to the existence of attacks and MTD, the running process of a job is divided into multiple stages and the actual completion time is usually longer than expected. A preemptive-repeat job is one that is restarted from its beginning if it is destroyed by an attacker at any stage. In this context, we propose a quantitative effectiveness evaluation approach for MTD based on the DTMC model. We divide jobs into long-term running jobs and short-term jobs according to whether the job has a fixed running time requirement. The DTMC model here captures job execution behaviours in the system. Based on the model, we derive formulas for calculating the Mean Time to Failure (MTTF, for long-term jobs), the Job Completion Time (JCT, for short-term jobs) and the probability of successful attacks, which are the main effectiveness metrics in this approach.

2. From the perspective of the running process of a preemptive-resume job, we propose a quantitative effectiveness analysis method for MTD based on a stochastic reward net (SRN) model. Unlike a preemptive-repeat job, a preemptive-resume job is resumed from the stage where it was preempted by the attack, i.e. attacks can only affect the running time of the currently running stage. In this context, we use job finish time as the main metric to investigate job performance and security while using an MTD technique. Several SRN sub-models are developed to capture the behaviors of both the adversary and the job execution process in an MTD environment. Based on our model, numerical experiments are carried out to study the impact of different system parameters on job finish time and other evaluation metrics. In addition, we propose an automated model generation program for quantitative effectiveness analysis of MTD under different attack scenarios and system scales.

3. For the continual job requests scenario, we propose a quantitative effectiveness analysis method for MTD based on a quasi-birth-and-death process. In this thesis, we first evaluate the system performance that comes with the MTD mechanism, as well as its effectiveness, considering continual mixed job requests. The incoming job requests are a mix of the legal job stream and the adversary's attack stream. The servers respond to the job requests and may sometimes be unavailable due to the "moving" action of MTD. We propose four different models, for two single-server scenarios and two multiple-server scenarios respectively. We use the mean job waiting time and queue length as the main performance metrics and give closed-form solutions for each model. In particular, we propose a hierarchical calculation method that decomposes the multi-dimensional model of the multiple-server scenarios into two one-dimensional models. In addition, we analyze the impact of different attack stream ratios and defense parameters on the attack success rate.

4. We propose a quantitative analysis method for the survivability of cloud services in an MTD environment. Existing research on the quantitative evaluation of MTD focuses either on effectiveness or on system performance. The transient reliability improvement that MTD brings to the system is always ignored. To fill this gap, we propose a quantitative survivability analysis approach based on a continuous-time Markov chain (CTMC) model. Survivability is a transient reliability measure, referring to a system's ability to restore pre-defined operation in a timely manner after a failure. We focus on the analysis of a service deployed in an MTD-protected distributed cloud data center. The proposed CTMC model describes the state changes of the service during the recovery process after a failure due to attacks, software aging, or proactive moving. We define the service recovery probability at any time and the loss caused by failures as the main survivability metrics. Numerical experiments show the impact of the MTD parameters on system survivability.
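The preemptive-repeat and preemptive-resume job types from items 1 and 2 can be compared in a small absorbing DTMC. This is an added illustration, not the thesis's model or code: it assumes each stage execution is compromised independently with probability `p_attack`, counts one step per stage execution, and the names `solve` and `expected_stage_runs` are hypothetical.

```python
from fractions import Fraction

def solve(A, b):
    """Gauss-Jordan elimination for the linear system A x = b."""
    n = len(A)
    M = [row[:] + [bi] for row, bi in zip(A, b)]
    for c in range(n):
        piv = next(r for r in range(c, n) if M[r][c] != 0)
        M[c], M[piv] = M[piv], M[c]
        M[c] = [x / M[c][c] for x in M[c]]
        for r in range(n):
            if r != c and M[r][c] != 0:
                f = M[r][c]
                M[r] = [x - f * y for x, y in zip(M[r], M[c])]
    return [row[n] for row in M]

def expected_stage_runs(n_stages, p_attack, policy):
    """Expected stage executions until the job finishes.

    Transient state i = stages already completed (0..n-1); finishing
    stage n-1 enters the absorbing "done" state. Assumed model: each
    execution is compromised independently with probability p_attack.
    """
    if policy not in ("repeat", "resume"):
        raise ValueError("policy must be 'repeat' or 'resume'")
    n, q = n_stages, 1 - p_attack
    Q = [[Fraction(0)] * n for _ in range(n)]
    for i in range(n):
        if i + 1 < n:
            Q[i][i + 1] += q          # stage survives, job advances
        # Attack succeeds: repeat restarts at stage 0, resume stays put.
        Q[i][0 if policy == "repeat" else i] += p_attack
    # Expected steps to absorption t satisfy (I - Q) t = 1.
    A = [[(1 if i == j else 0) - Q[i][j] for j in range(n)] for i in range(n)]
    return solve(A, [Fraction(1)] * n)[0]

if __name__ == "__main__":
    # Constructed parameters: a 10-stage job under two attack probabilities.
    for p in (Fraction(1, 10), Fraction(1, 50)):
        rep = expected_stage_runs(10, p, "repeat")
        res = expected_stage_runs(10, p, "resume")
        print(f"p={p}: repeat={float(rep):.2f} resume={float(res):.2f}")
```

Under these assumptions the preemptive-repeat cost grows geometrically with the number of stages, while the preemptive-resume cost grows linearly, so a lower per-stage attack success probability matters far more for preemptive-repeat jobs.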
Keywords/Search Tags:Moving target defense, Effectiveness, Performance, Quantitative analysis, Survivability, Stochastic models