一种评估运动目标防御系统的新设计

2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW) Pub Date : 2018-11-01 DOI:10.1109/CANDARW.2018.00111

Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, K. Sakurai

{"title":"一种评估运动目标防御系统的新设计","authors":"Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, K. Sakurai","doi":"10.1109/CANDARW.2018.00111","DOIUrl":null,"url":null,"abstract":"Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attack happening through alternation attack surfaces or diversification the attribute or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulties in exploiting a vulnerabilities of the target system. This study proposes an evaluation method of MTD systems combined with several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on the MTD systems mitigating from threats of executable binary file or malware injection. With the proposed evaluation method, we expect to prove that the MTD technology can enhance the security of a web server, and can be applied in a real-world information system. As our preliminary work done, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.","PeriodicalId":329439,"journal":{"name":"2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A New Design for Evaluating Moving Target Defense System\",\"authors\":\"Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, K. Sakurai\",\"doi\":\"10.1109/CANDARW.2018.00111\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attack happening through alternation attack surfaces or diversification the attribute or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulties in exploiting a vulnerabilities of the target system. This study proposes an evaluation method of MTD systems combined with several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on the MTD systems mitigating from threats of executable binary file or malware injection. With the proposed evaluation method, we expect to prove that the MTD technology can enhance the security of a web server, and can be applied in a real-world information system. As our preliminary work done, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.\",\"PeriodicalId\":329439,\"journal\":{\"name\":\"2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CANDARW.2018.00111\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CANDARW.2018.00111","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

移动目标防御(MTD)概念是通过改变攻击面或使被保护系统的属性或参数多样化来减少攻击发生的可能性的一种可行的思想。将MTD技术应用于系统的结果是，攻击者在利用目标系统的漏洞时会遇到更多困难。本文提出了一种结合多种不同MTD技术的MTD系统评价方法。该方法是设计MTD有效性评价模型的第一步。主要目标是估计MTD系统免受可执行二进制文件或恶意软件注入威胁的攻击成功率。通过提出的评估方法，我们期望证明MTD技术可以提高web服务器的安全性，并且可以应用于实际的信息系统中。在我们的初步工作完成后，我们建立了一个原型框架来验证在伪实验环境中提出的工作。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A New Design for Evaluating Moving Target Defense System

Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attack happening through alternation attack surfaces or diversification the attribute or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulties in exploiting a vulnerabilities of the target system. This study proposes an evaluation method of MTD systems combined with several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on the MTD systems mitigating from threats of executable binary file or malware injection. With the proposed evaluation method, we expect to prove that the MTD technology can enhance the security of a web server, and can be applied in a real-world information system. As our preliminary work done, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)

自引率

0.00%

发文量