Research On Security Assessment Technology For Moving Target Defense System

The certainty,similarity,stationarity and vulnerabilities persistence of existing network information systems lead the defenders to a passive and inferior position.To implement a proactive cyber defense,the Moving Target Defense,as one of the “game-changing” themes to cybersecurity revolutionary technologies proposed by the United States,has emerged in recent years.With the continuous application of MTD technology in the information system security architecture,how to assess the security of MTD-based information system has become a new research direction in the field of information security.Currently,the majority of mainstream security assessment and analysis methods for network systems perform analysis and assessment after modeling the static information system.In a MTD system,the mechanisms such as dynamization,virtualization and randomization are often implemented at the structural dimensions of network and system.Partial stationarity and certainty between various elements of original system no longer exist.This makes the existing mainstream network security assessment technologies difficult to deal with the dynamic,active attack-defense game existing in the MTD system,so that the security assessment problem of MTD system cannot be effectively solved.In this paper,the concept description,mechanism explanation and technology introduction of the Moving Target Defense,a novel network information system defense technology,is carried out first,as well as the survey,induction,analysis and summary of the latest research advances in security assessment methods for Moving Target Defense systems at home and abroad.Then,the relevant basic knowledge such as game theory,Markov process and Markov game are combed through.Then,from the perspective of game theory,the attack-defense confrontation in cyberspace is depicted as the game between the offensive and defensive sides.It is described as a Markov dynamic game of non-cooperative complete information based on the Mimic Security Defense system architecture proposed by Wu Jiangxing(an Academician of the Chinese Academy of Engineering)according to the dynamic characteristics of attack-defense confrontation of Mimic Defense system in the cyberspace.Besides,a Markov game theory-based security assessment model for Mimic Defense system is also created.Finally,the above model is subject to verification and utility analysis by incorporating the use cases of Mimic Defense host system.