Effectiveness of Moving Target Defenses

David Evans, Anh Nguyen-Tuong, and John Knight
Chapter in Moving Target Defense: An Asymmetric Approach to Cyber Security, edited by Sushil Jajodia
Springer
Planned for 2011

Abstract

Moving target defenses have been proposed as a way to make it much more difficult for an attacker to exploit a vulnerable system by changing aspects of that system to present attackers with a varying attack surface. The hope is that constructing a successful exploit requires analyzing properties of the system, and that by the time an attacker has learned those properties, constructed the exploit, and is able to launch it, the system will have changed enough to disrupt the exploit's functionality. This is a promising and appealing idea, but its security impact is not yet clearly understood. In this chapter, we argue that the actual benefits of the moving target approach are in fact often much less significant than one would expect. We present a model for thinking about dynamic diversity defenses, analyze the security properties of a few example defenses and attacks, and identify scenarios where moving target defenses are and are not effective.

Paper

Full paper (20 pages): [PDF]