A layer-crossing multi-factor and dynamic security model over a moving target defence

Abstract

Moving target defence mainly focus on the single parameter hopping and rarely refer to the hopping of multiple parameters in multiple layers. With the background of database security, this paper constructs a layer-crossing, multi-parameter and dynamic security model over moving target defence. Seven parameters which belong to different layers in the database application are defined, and two mathematical functions of successful attack probability and the reconnection time of the legitimate users are proposed. Then through mathematical analysis, this paper comes to the conclusion that it is impossible to let the successful attack probability and the average reconnection time take the minimum values at the same time. Finally, under specific scenarios, the specific expressions of the two functions and the optimal hopping interval of each parameter are present. The model proposed is not only applicable to the security of database system, but also to other information systems.