# A Survey of Moving Target Defenses for Network Security

**Authors:** Sailik Sengupta, Ankur Chowdhary, Abdulhakim Sabur, Adel Alshamrani,, Dijiang Huang, Subbarao Kambhampati

arXiv: 1905.00964 · 2020-03-24

## TL;DR

This survey reviews recent advancements in Moving Target Defense (MTD) strategies for network security, categorizing methods, discussing implementation technologies like SDN and NFV, and evaluating their effectiveness through various metrics.

## Contribution

It provides a comprehensive categorization of MTDs, discusses their implementation using networking technologies, and evaluates their effectiveness with qualitative and quantitative metrics.

## Key findings

- Network technologies like SDN and NFV enable effective MTD deployment.
- Game-theoretic models assist in developing movement strategies.
- Categorization helps identify future research directions.

## Abstract

Network defenses based on traditional tools, techniques, and procedures fail to account for the attacker's inherent advantage present due to the static nature of network services and configurations. To take away this asymmetric advantage, Moving Target Defense (MTD) continuously shifts the configuration of the underlying system, in turn reducing the success rate of cyberattacks. In this survey, we analyze the recent advancements made in the development of MTDs and define categorizations that capture the key aspects of such defenses. We first categorize these defenses into different sub-classes depending on what they move, when they move and how they move. In trying to answer the latter question, we showcase the use of domain knowledge and game-theoretic modeling can help the defender come up with effective and efficient movement strategies. Second, to understand the practicality of these defense methods, we discuss how various MTDs have been implemented and find that networking technologies such as Software Defined Networking and Network Function Virtualization act as key enablers for implementing these dynamic defenses. We then briefly highlight MTD test-beds and case-studies to aid readers who want to examine or deploy existing MTD techniques. Third, our survey categorizes proposed MTDs based on the qualitative and quantitative metrics they utilize to evaluate their effectiveness in terms of security and performance. We use well-defined metrics such as risk analysis and performance costs for qualitative evaluation and metrics based on Confidentiality, Integrity, Availability (CIA), attack representation, QoS impact, and targeted threat models for quantitative evaluation. Finally, we show that our categorization of MTDs is effective in identifying novel research areas and highlight directions for future research.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1905.00964/full.md

## Figures

19 figures with captions in the complete paper: https://tomesphere.com/paper/1905.00964/full.md

## References

175 references — full list in the complete paper: https://tomesphere.com/paper/1905.00964/full.md

---
Source: https://tomesphere.com/paper/1905.00964