Poster: Effectiveness of Moving Target Defense Techniques to Disrupt Attacks in the Cloud

Cloud systems are now highly pervasive and provide significant opportunities for adversaries to attack these systems. One approach to mitigate the amount of time adversaries have to attack a system is to reconfigure the system, in essence to provide a moving target that adversaries need to contend with. The advantage of moving target defence (MTD) that adversaries have less time to perform reconnaissance and then attack a system. The moving target could be to change IP addresses — so adversaries are unsure of network structure, or to change the operating system and applications providing a service — so adversaries may struggle to exploit a vulnerability in specific software.

Cloud systems are simultaneously well suited to MTD due to their ability to be dynamically reconfigured and challenging to apply MTD due to the wide variety of ways in which it can be employed. This means there is a need to be able to effectively select where MTDs should be applied in a cloud environment.

Importance

The number of security incidents involving Cloud systems is continuing to increase, this means that additional techniques that can be performed by Cloud providers to mitigate potential attacks is a valuable service.

Perspectives

Choosing where to apply MTDs is highly specific to the Cloud environment, the MTDs that can be used, the costs involved, and the risk appetite of the service provider. This means it is a complex multi-objective optimisation problem with the potential for multiple solutions based on the relative weighting of these different concerns. Optimisation techniques can help find a Pareto frontier, however, in all likelihood a trade-off will need to be made between the objectives that are being optimised for.

Poster