Reasoning about Moving Target Defense in Attack Modeling Formalisms

Abstract: Since 2009, Moving Target Defense (MTD) has become a new paradigm of defensive mechanism that frequently changes the state of the target system to confuse the attacker. This frequent change is costly and leads to a tradeoff between misleading the attacker and disrupting the quality of service. Optimizing the MTD activation frequency is necessary to develop this defense mechanism when facing realistic, multi-step attack scenarios. Attack modeling formalisms based on DAG are prominently used to specify these sce… Show more

“…In addition, the formal feedback flow of the mutation scheme was also normalized to suit the drone-type MTD designed to meet the continuity and compatibility of tactical drones operated on the battlefield. [38] Wired/mixed net Game X X Hong et al [41,42] Wired/mixed net Graph & metric O X Zhou et al [43] Wired net Game & tree X X Rahim et al [44] Wired net Formalism X X Ballot et al [18] Wired net Formalism Seo et al [50] Wireless This study extended the scope of adaptation of mutation principles as 'what-to-move,' 'when-tomove,' 'how-to-move' and the scope of a configuration of the MTD mechanisms selected to provide high attenuation of the spatial-temporal asymmetry of attacker dominance over the potential attack surface of mission-critical systems that must be highly secure and safe to unmanned wireless embedded maneuvering platforms such as tactical drones. Based on a Pareto solver that considers both cyberagility and resilience, to reason and prove the adaptive deception performance of the proposed dronetype MTD based on a formal method, this study integrated and performed a structural specification based on diversified decision trees according to PTMDP-based formalism, and verification based on zero-sum games and model checking.…”

“…Additionally, they performed a comparative evaluation of the mutation quality, mutation stability, and cost of the random host mutation technique based on repeated experiments. Finally, Ballot et al [18], in state-ofthe-art research on the formalism of MTD, formalized PTMDP based on the DAG and PTA. They first proposed the PTMDP by structuring it as a decision tree based on threat modeling with attack vectors, subgoals, and MTD-based mitigation.…”

“…This model can be also additionally configured to force an inferior judgment that was not optimized based on subjective beliefs, differences of information and view, and misperception established according to information uncertainty. Third, formal specifications for wireless unmanned drone threat modeling can be achieved by structuring conceptualized two decision trees based on the priced-timed Markov decision process (PTMDP) [18] according to automata states such as vulnerabilities, threats, and countermeasures. Fourth, through zero-sum game logic based on perfect Bayesian Nash equilibrium (PBNE) [19] and Bayesian Stochastic Stackelberg (BSS) [20], and formalism embedded with Uppaal Stratego [21], the performance of drone-type MTD can be verified while achieving Pareto optimization.…”

MF2-DMTD: A Formalism and Game-Based Reasoning Framework for Optimized Drone-Type Moving Target Defense

“…In addition, the formal feedback flow of the mutation scheme was also normalized to suit the drone-type MTD designed to meet the continuity and compatibility of tactical drones operated on the battlefield. [38] Wired/mixed net Game X X Hong et al [41,42] Wired/mixed net Graph & metric O X Zhou et al [43] Wired net Game & tree X X Rahim et al [44] Wired net Formalism X X Ballot et al [18] Wired net Formalism Seo et al [50] Wireless This study extended the scope of adaptation of mutation principles as 'what-to-move,' 'when-tomove,' 'how-to-move' and the scope of a configuration of the MTD mechanisms selected to provide high attenuation of the spatial-temporal asymmetry of attacker dominance over the potential attack surface of mission-critical systems that must be highly secure and safe to unmanned wireless embedded maneuvering platforms such as tactical drones. Based on a Pareto solver that considers both cyberagility and resilience, to reason and prove the adaptive deception performance of the proposed dronetype MTD based on a formal method, this study integrated and performed a structural specification based on diversified decision trees according to PTMDP-based formalism, and verification based on zero-sum games and model checking.…”

“…Additionally, they performed a comparative evaluation of the mutation quality, mutation stability, and cost of the random host mutation technique based on repeated experiments. Finally, Ballot et al [18], in state-ofthe-art research on the formalism of MTD, formalized PTMDP based on the DAG and PTA. They first proposed the PTMDP by structuring it as a decision tree based on threat modeling with attack vectors, subgoals, and MTD-based mitigation.…”

“…This model can be also additionally configured to force an inferior judgment that was not optimized based on subjective beliefs, differences of information and view, and misperception established according to information uncertainty. Third, formal specifications for wireless unmanned drone threat modeling can be achieved by structuring conceptualized two decision trees based on the priced-timed Markov decision process (PTMDP) [18] according to automata states such as vulnerabilities, threats, and countermeasures. Fourth, through zero-sum game logic based on perfect Bayesian Nash equilibrium (PBNE) [19] and Bayesian Stochastic Stackelberg (BSS) [20], and formalism embedded with Uppaal Stratego [21], the performance of drone-type MTD can be verified while achieving Pareto optimization.…”

MF2-DMTD: A Formalism and Game-Based Reasoning Framework for Optimized Drone-Type Moving Target Defense

Capacity ATL: Reasoning About Agent Profiles and Applications to Cybersecurity

Reasoning about Moving Target Defense in Attack Modeling Formalisms