| Enterprises today are rapidly moving their internal server infrastructure to cloud providers such as AWS and Azure. Migrating to IaaS providers raises a different set of security threats when compared to in-house IT infrastructure. But cloud infrastructure also offers new sets of opportunities and flexibility which were previously infeasible. One such opportunity is implementing a Moving Target Defense (MTD) as part of a cloud deployment's architecture. In this thesis we proposed a MTD architecture inspired by Netflix's chaos monkey library. We evaluated our proposed architecture for performance overhead, ran discrete event simulations to evaluate potential benefits in terms of cost of being exploited and finally we model our architecture as a game to formulate a function to compute the probability of attack. Our goal with this work was to highlight the possibility of implementing a layer of moving target defense at an architectural level for enterprise security teams. |
