{"title":"对移动目标防御及其类比的批判","authors":"Alexander Bajic, G. Becker","doi":"10.1145/3387902.3397225","DOIUrl":null,"url":null,"abstract":"In the last decade the Moving Target Defense (MTD) has gained popularity as a new cyber security defense paradigm. Moving Target Defense (MTD) intends to change the (presumable) information asymmetry between attacker and defender in favor of the defender by constantly changing a network's appearance as to invalidate previously acquired information. Many papers discussing MTD have been proposed and in recent years MTD techniques for a wide range of applications in enterprise networks, Cloud environments, IoT, automotive CAN buses and smart grids have been proposed. In these papers, MTD is often introduced as a \"game changer\" and explained with help of nice figurative analogies. Yet, how useful are these repeated changes really to deter the attacker? And even more importantly, could it not be that there are downsides to the constant changes that, ultimately, degrade security? In this position paper we argue that one needs to have a more critical and open minded view on MTD. There are MTD techniques that improve security. But we also provide several examples where they reduce security or where movement does not matter at all and is only introduced as to label a given technique as MTD.","PeriodicalId":155089,"journal":{"name":"Proceedings of the 17th ACM International Conference on Computing Frontiers","volume":"45 2-3","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A critical view on moving target defense and its analogies\",\"authors\":\"Alexander Bajic, G. Becker\",\"doi\":\"10.1145/3387902.3397225\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the last decade the Moving Target Defense (MTD) has gained popularity as a new cyber security defense paradigm. Moving Target Defense (MTD) intends to change the (presumable) information asymmetry between attacker and defender in favor of the defender by constantly changing a network's appearance as to invalidate previously acquired information. Many papers discussing MTD have been proposed and in recent years MTD techniques for a wide range of applications in enterprise networks, Cloud environments, IoT, automotive CAN buses and smart grids have been proposed. In these papers, MTD is often introduced as a \\\"game changer\\\" and explained with help of nice figurative analogies. Yet, how useful are these repeated changes really to deter the attacker? And even more importantly, could it not be that there are downsides to the constant changes that, ultimately, degrade security? In this position paper we argue that one needs to have a more critical and open minded view on MTD. There are MTD techniques that improve security. But we also provide several examples where they reduce security or where movement does not matter at all and is only introduced as to label a given technique as MTD.\",\"PeriodicalId\":155089,\"journal\":{\"name\":\"Proceedings of the 17th ACM International Conference on Computing Frontiers\",\"volume\":\"45 2-3\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-05-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 17th ACM International Conference on Computing Frontiers\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3387902.3397225\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 17th ACM International Conference on Computing Frontiers","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3387902.3397225","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A critical view on moving target defense and its analogies
In the last decade the Moving Target Defense (MTD) has gained popularity as a new cyber security defense paradigm. Moving Target Defense (MTD) intends to change the (presumable) information asymmetry between attacker and defender in favor of the defender by constantly changing a network's appearance as to invalidate previously acquired information. Many papers discussing MTD have been proposed and in recent years MTD techniques for a wide range of applications in enterprise networks, Cloud environments, IoT, automotive CAN buses and smart grids have been proposed. In these papers, MTD is often introduced as a "game changer" and explained with help of nice figurative analogies. Yet, how useful are these repeated changes really to deter the attacker? And even more importantly, could it not be that there are downsides to the constant changes that, ultimately, degrade security? In this position paper we argue that one needs to have a more critical and open minded view on MTD. There are MTD techniques that improve security. But we also provide several examples where they reduce security or where movement does not matter at all and is only introduced as to label a given technique as MTD.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
