Analyzing the Effect of Moving Target Defense for a Web System
Moving target defense (MTD) is a feasible idea for reducing the ratio of successful attacks by altering or diversifying the attributes or parameters of a protected system. As a result of applying MTD techniques to a system, an attacker would have more difficulties in launching attacks. Although several MTD techniques have been proposed for different types of attack, estimating the effectiveness of combining these MTDs remains a challenge. With the aim of setting up a method for evaluating MTDs, we first propose a model composed of two MTD diversification techniques to compare an attack success ratio between theoretical and experimental probability. To validate the proposed model, we conducted an experiment involving an actual attack and then analyzed how our MTD model can adequately estimate a binary-code injection attack. Results show that the rate of attack success is 100% when MTD diversification is not implemented, while the rate is reduced depending on how many variants can be diversified in a target system. Our method is an important first step toward establishing a method for evaluating MTDs, as well as predicting an MTD’s defensive abilities.
- There are currently no refbacks.