Rui Zhuang, Alexandru G. Bardas, S. DeLoach, Xinming Ou
{"title":"A Theory of Cyber Attacks: A Step Towards Analyzing MTD Systems","authors":"Rui Zhuang, Alexandru G. Bardas, S. DeLoach, Xinming Ou","doi":"10.1145/2808475.2808478","DOIUrl":null,"url":null,"abstract":"Moving Target Defenses (MTD) have been touted as a game changing approach to computer security that eliminates the static nature of current computer systems -- an attacker's biggest advantage. While promising, the dynamism of MTD introduces challenges related to understanding and quantifying the impact of MTD systems on security, users, and attackers. To analyze this impact, both the concepts of MTD systems and cyber attacks must be formalized. While a theory of MTD systems was proposed in [18], this paper presents a theory of cyber attacks that supports the understanding and analysis of the interaction between MTD systems and the attacks they hope to thwart. The theory defines key concepts that support precise discussion of attacker knowledge, attack types, and attack instances. The paper also presents concrete examples to show how these definitions and concepts can be used in realistic scenarios.","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"47","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Second ACM Workshop on Moving Target Defense","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2808475.2808478","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 47
Abstract
Moving Target Defenses (MTD) have been touted as a game changing approach to computer security that eliminates the static nature of current computer systems -- an attacker's biggest advantage. While promising, the dynamism of MTD introduces challenges related to understanding and quantifying the impact of MTD systems on security, users, and attackers. To analyze this impact, both the concepts of MTD systems and cyber attacks must be formalized. While a theory of MTD systems was proposed in [18], this paper presents a theory of cyber attacks that supports the understanding and analysis of the interaction between MTD systems and the attacks they hope to thwart. The theory defines key concepts that support precise discussion of attacker knowledge, attack types, and attack instances. The paper also presents concrete examples to show how these definitions and concepts can be used in realistic scenarios.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
