Cyber Security Lab

Moving-target Defense

The goal of this research is to understand and quantify the potential and limitations of moving-target defense (MTD) systems to protect computer networks. To achieve this goal, we are building a fully functional prototype MTD system that will automatically adapt multiple aspects of the network's logical and physical configuration. We also plan to (1) create a set of analytical models to quantify the effectiveness of MTD systems, and (2) address key research questions such as how an MTD system's effect can be measured in terms of security gain and mission impact, what are the key parameters of an MTD system, whether an MTD system that can adapt multiple configuration aspects is feasible for reasonable threat assumptions, and whether an intelligent MTD triggered by attack/risk indicators can be more effective than a purely random MTD.

• Dr. Scott DeLoach
• Dr. Xinming Ou
• Dr. Alexandru Bardas

• Marc Eisenbarth (Arbor Networks)
• Dr. Rui Zhuang

• Ian Unruh
• Brian Cain
• Trent Novelly
• Gilnei De Pellegrin

• A Theory of Cyber Attacks -- A Step Towards Analyzing MTD Systems. Rui Zhuang, Alexandru G. Bardas, Scott A. Deloach, and Xinming Ou. In CCS 2015 MTD Workshop, Denver, CO, US, October, 2015.
• Compiling abstract specifications into concrete systems - bringing order to the cloud. Ian Unruh, Alexandru G. Bardas, Rui Zhuang, Xinming Ou, and Scott A. DeLoach. In 28th Large Installation System Administration Conference (LISA'14), Seattle, WA, USA.
• Towards a theory of moving target defense. Rui Zhuang, Scott A. DeLoach, and Xinming Ou. In First ACM Workshop on Moving Target Defense (MTD 2014), Scottsdale, Arizona, USA, November, 2014.
• A model for analyzing the effect of moving target defenses on enterprise networks. Rui Zhuang, Scott A. DeLoach, and Xinming Ou. 9th Cyber and Information Security Research Conference (CSIRC), Oak Ridge, Tennessee, USA, April, 2014
• Model-driven, moving-target defense for enterprise network security. Scott DeLoach, Xinming Ou, Rui Zhuang, Su Zhang. In Uwe Aßmann, Nelly Bencomo, Gordon Blair, Betty H. C. Cheng, Robert France (eds) State-of-the-Art Survey Volume on Models @run.time. Springer LNCS, Volume 8378, 2014, pp 137-161.
• Investigating the application of moving target defenses to network security. Rui Zhuang, Su Zhang, Alexandru G. Bardas, Scott A. DeLoach, Xinming Ou, and Anoop Singhal. 6th International Symposium on Resilient Control Systems (ISRCS), San Francisco, CA, August, 2013.
• Mission-oriented moving target defense based on cryptographically strong network dynamics. Justin Yackoski, Jason Li, Scott A. DeLoach, and Xinming Ou. The 8th Annual Cyber Security and Information Intelligence Research Workshop (CSIIRW), Oak Ridge, TN, Jan 2013.
• Simulation-based approaches to studying effectiveness of moving-target network defense. Rui Zhuang, Su Zhang, Scott A. DeLoach, Xinming Ou, and Anoop Singhal. National Symposium on Moving Target Research, Annapolis, MD, USA, June, 2012.

• CACM's coverage.
• K-State News Release (@K-State News Blog, Sidebar on Cloud).

This research is supported by the Air Force Office of Scientific Research under award no. FA9550-12-1-0106 and U.S. National Science Foundation under award no. 0954138 and 1018703. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsors.