Title: Moving Target Defense against Advanced Persistent Threats for Cybersecurity Enhancement
Authors: Masoud Khosravi Farmad, Ali Ahmadian Ramaki, Abbas Ghaemi Bafghi
Abstract
One of the main security concerns of enterprise-level organizations that provide network-based services is combating complex cybersecurity attacks such as advanced persistent threats (APTs). The main features of these attacks are that they are multilevel, multi-step, long-term and persistent. They also use an intrusion kill chain (IKC) model to carry out the attack steps and reach their goals on targets. Traditional security solutions such as firewalls and intrusion detection and prevention systems (IDPSs) are not able to prevent or block APT attack strategies. Recently, deception techniques have been proposed to defend network assets against malicious activities during IKC progression. One of the most promising approaches against APT attacks is Moving Target Defense (MTD). MTD techniques can be applied dynamically to attack steps at any abstraction level of a networked infrastructure (application, host, and network) to disrupt the successful execution of any on-the-fly IKCs. In this paper, after presenting and discussing commonly introduced IKCs, one of them is selected and used for further analysis. Also, after proposing a new and comprehensive taxonomy of MTD techniques at different levels, a mapping analysis is conducted between IKC models and existing MTD techniques. Finally, the effect of MTD is evaluated in a case study (specifically IP Randomization). The experimental results show that the MTD techniques provide better means to defend against IKC-based intrusion activities.
Keywords
cybersecurity; complex multi-step attack scenario; Advanced Persistent Threat (APT); Intrusion Kill Chain (IKC); Moving Target Defense (MTD).
@inproceedings{paperid:1092793,
author = {Khosravi Farmad, Masoud and Ahmadian Ramaki, Ali and Ghaemi Bafghi, Abbas},
title = {Moving Target Defense against Advanced Persistent Threats for Cybersecurity Enhancement},
booktitle = {8th International Conference on Computer and Knowledge Engineering},
year = {2018},
location = {مشهد, IRAN},
keywords = {cybersecurity; complex multi-step attack scenario;
Advanced Persistent Threat (APT); Intrusion Kill Chain (IKC);
Moving Target Defense (MTD).},
}
%0 Conference Proceedings
%T Moving Target Defense against Advanced Persistent Threats for Cybersecurity Enhancement
%A Khosravi Farmad, Masoud
%A Ahmadian Ramaki, Ali
%A Ghaemi Bafghi, Abbas
%J 8th International Conference on Computer and Knowledge Engineering
%D 2018