Dynamic generation containment systems (DGCS): A Moving Target Defense approach

Abstract

Supervisory Control and Data Acquisition (SCADA) systems are critical assets to public utility and manufacturing organizations. These systems, although critical, are prone to numerous cyber security related threats and attacks. To combat such challenges, we propose a Dynamic Generated Containment System (DGCS), a moving target defense model as a method of threat evasion. Under the proposed approach, we employ the use of intrusion detection systems (IDS) in conjunction with virtualization solution-Docker. The proposed approach provides an individual Docker container for each threat detected by our IDS. We conduct several experiments using high performance computing systems to measure and demonstrate our proposed approach.