SD-MTD: Software-Defined Moving-Target Defense for Cloud-System Obfuscation |
Kang, Ki-Wan
(Dept. of Information Security, and Convergence Engineering for Intelligent Drone, Sejong University)
Seo, Jung Taek (Department of Computer Engineering, Gachon University) Baek, Sung Hoon (Department of Computer System Engineering, Jungwon University) Kim, Chul Woo (LG CNS) Park, Ki-Woong (Dept. of Information Security, and Convergence Engineering for Intelligent Drone, Sejong University) |
1 | J. Park, Y. Lee, K. Kang, S. Lee, and K. Park, "Ghost-MTD: Moving Target Defense via Protocol Mutation for Mission-Critical Cloud Systems," Energies, 13.8, 1883, 2020. DOI |
2 | Y. Huang, and A. Ghosh, "Introducing diversity and uncertainty to create moving attack surfaces for web services," Moving target defense, Springer, New York, NY, 131-151, 2011. |
3 | M. Taguinod, A. Doupe, Z. Zhao and G. Ahn, "Toward a Moving Target Defense for Web Applications," in Proc. of 2015 IEEE International Conference on Information Reuse and Integration, pp. 510-517, 2015. |
4 | T. E. Carroll, M. Crouse, E. W. Fulp and K. S. Berenhaut, "Analysis of network address shuffling as a moving target defense," in Proc. of 2014 IEEE International Conference on Communications (ICC), pp. 701-706, 2014. |
5 | H. Okhravi et al., "Survey of cyber moving target techniques," Massachusetts Inst of Tech Lexington Lincoln Lab, 2018. Available: https://apps.dtic.mil/sti/pdfs/AD1055276.pdf |
6 | W. Peng, F. Li, C. -T. Huang and X. Zou, "A moving-target defense strategy for Cloud-based services with heterogeneous and dynamic attack surfaces," in Proc. of 2014 IEEE International Conference on Communications (ICC), pp. 804-809, 2014. |
7 | C. Pahl, A. Brogi, J. Soldani and P. Jamshidi, "Cloud Container Technologies: A State-of-the-Art Review," IEEE Transactions on Cloud Computing, vol. 7, no. 3, pp. 677-692, 1 July-Sept. 2019. DOI |
8 | F. Chong, "National cyber leap year summit 2009: Co-chairs' report," NITRD Program, 2009. |
9 | Z. Kozhirbayev and R. O. Sinnott, "A performance comparison of container-based technologies for the cloud," Future Generation Computer Systems, 68, 175-182, 2017. DOI |
10 | S. He, L. Guo, Y. Guo, C. Wu, M. Ghanem et al., "Elastic Application Container: A Lightweight Approach for Cloud Resource Provisioning," in Proc. of 2012 IEEE 26th International Conference on Advanced Information Networking and Applications, pp. 15-22, 2012. |
11 | H. Jin, Z. Li, D. Zou, B. Yuan, "DSEOM: A Framework for Dynamic Security Evaluation and Optimization of MTD in Container-Based Cloud," IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 3, pp. 1125-1136, 1 May-June 2021. |
12 | A. Chung, J. Park, and G. Ganger, "Stratus: cost-aware container scheduling in the public cloud," in Proc. of the ACM Symposium on Cloud Computing (SoCC '18). Association for Computing Machinery, New York, NY, USA, 121-134, 2018. |
13 | A. Shaer, Ehab, Q. Duan, and J. Jafarian, "Random host mutation for moving target defense," in Proc. of International Conference on Security and Privacy in Communication Systems, Springer, Berlin, Heidelberg, pp. 310-327, 2012. |
14 | E. Al-Shaer, "Toward network configuration randomization for moving target defense," Moving Target Defensem, Springer, New York, NY, 153-159, 2011. |
15 | C. Lei, H. Zhang, J. Tan, Y. Zhang, X. Liu, "Moving Target Defense Techniques: A Survey," Security and Communication Networks, vol. 2018, Article ID 3759626, 25 pages, 2018. |
16 | X. Gao, Z. Gu, M. Kayaalp, D. Pendarakis and H. Wang, "ContainerLeaks: Emerging Security Threats of Information Leakages in Container Clouds," in Proc. of 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 237-248, 2017. |
17 | X. Xu, H. Yu and X. Pei, "A Novel Resource Scheduling Approach in Container Based Clouds," in Proc. of 2014 IEEE 17th International Conference on Computational Science and Engineering, pp. 257-264, 2014. |
18 | H. Alavizadeh, J. Jang-Jaccard and D. S. Kim, "Evaluation for Combination of Shuffle and Diversity on Moving Target Defense Strategy for Cloud Computing," in Proc. of 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), pp. 573-578, 2018. |
19 | P. Kampanakis, H. Perros and T. Beyene, "SDN-based solutions for Moving Target Defense network protection," in Proc. of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, pp. 1-6, 2014. |
20 | J. Haadi, E. Al-Shaer, and Q. Duan, "Openflow random host mutation: transparent moving target defense using software defined networking," in Proc. of the first workshop on Hot topics in software defined networks, pp. 127-132, 2012. |
21 | A. Gupta, L. Vanbever, M. Shahbaz, S. Donovan, B. Schlinker et al., "Sdx: A software defined internet exchange," ACM SIGCOMM Computer Communication Review, 44.4, 551-562, 2014. DOI |
22 | A. Voellmy, and J. Wang, "Scalable software defined network controllers," ACM SIGCOMM Computer Communication Review, vol. 42, no. 4, pp. 289-290, 2012. DOI |
23 | P. Dawson, and A. Butler, "IT Market Clock for Server Technology and SDx, 2014," Gartner Report 2014. 9. |
24 | A. Darabseh, M. Al-Ayyoub, Y. Jararweh, E. Benkhelifa, M. Vouk and A. Rindos, "SDDC: A Software Defined Datacenter Experimental Framework," in Proc. of 2015 3rd International Conference on Future Internet of Things and Cloud, pp. 189-194, 2015. |
25 | N. Handigol, B. Heller, V. Jeyakumar, D. Mazieres, and N. McKeown, "Where is the debugger for my software-defined network?," in Proc. of the first workshop on Hot topics in software defined networks (HotSDN '12), Association for Computing Machinery, New York, NY, USA, 55-60, 2012. |
26 | Y. -B. Luo, B. -S. Wang, X. -F. Wang, X. -F. Hu, G. -L. Cai and H. Sun, "RPAH: Random Port and Address Hopping for Thwarting Internal and External Adversaries," in Proc. of 2015 IEEE Trustcom/BigDataSE/ISPA, pp. 263-270, 2015. |
27 | J. Cho, D. Sharma, H. Alavizadeh, S. Yoon, B. Noam et al, "Toward proactive, adaptive defense: A survey on moving target defense," IEEE Communications Surveys & Tutorials, 22.1, 709-745, 2020. DOI |
28 | M. Green, "Characterizing network-based moving target defenses," in Proc. of the Second ACM Workshop on Moving Target Defense, pp. 31-35, 2015. |
29 | B. Hong, and D. Kim, "Assessing the effectiveness of moving target defenses using security models," IEEE Transactions on Dependable and Secure Computing, 13.2, 163-177, 2016. DOI |
30 | A. Alshamrani, S. Myneni, A. Chowdhary, D. Huang, "A Survey on Advanced Persistent Threats: Techniques, Solutions, Challenges, and Research Opportunities," IEEE Communications Surveys & Tutorials, Vol. 21, no. 2, pp. 1851-1877, Secondquarter 2019. DOI |
![]() |