Network defense techniques based on traditional tools, techniques, and procedures (TTP) fail to account for the attacker's inherent advantage, which stems from the static nature of network services and configurations. Moving Target Defense (MTD), on the other hand, provides an intelligent countermeasure by dynamically re-configuring the underlying systems, thereby reducing the effectiveness of cyber attacks. In this survey, we analyze the recent advancements made in the development of MTD tools, techniques and procedures (TTP) and highlight how these defenses can be made more effective with the use of artificial intelligence techniques for decision making. We first define a unified formal notation for MTDs that can capture different aspects of such defenses. We then categorize these defenses into different sub-classes depending on how they answer the three questions (what to move, when to move and how to move), showcasing how game theoretic strategies can effectively answer the latter question. To understand the usefulness of these defense methods, we study the implementation of such MTD techniques. We find that (relatively) new networking technologies such as Software Defined Networking (SDN) and Network Function Virtualization (NFV) provide effective means for implementing these dynamic defense methods. To encourage researchers and industry experts to use such defenses, we highlight industry use-cases and discuss the practicality and maturity of these defenses. To aid readers who want to test or deploy MTD techniques, we highlight existing MTD test-beds. Our survey then performs both a qualitative and quantitative analysis to better understand the effectiveness of these MTDs in terms of security and performance.
To that end, we use well-defined metrics such as risk analysis and performance costs for qualitative evaluation, and metrics based on Confidentiality, Integrity, Availability (CIA), attack representation, QoS impact, targeted threat models and defense cost for quantitative evaluation. Finally, we conclude by summarizing research opportunities that our survey elucidates.