356 research outputs found
A Cost-effective Shuffling Method against DDoS Attacks using Moving Target Defense
Moving Target Defense (MTD) has emerged as a newcomer into the asymmetric
field of attack and defense, and shuffling-based MTD has been regarded as one
of the most effective ways to mitigate DDoS attacks. However, previous work
does not acknowledge that frequent shuffles would significantly intensify the
overhead. MTD requires a quantitative measure to compare the cost and
effectiveness of available adaptations and explore the best trade-off between
them. In this paper, therefore, we propose a new cost-effective shuffling
method against DDoS attacks using MTD. By exploiting Multi-Objective Markov
Decision Processes to model the interaction between the attacker and the
defender, and designing a cost-effective shuffling algorithm, we study the best
trade-off between the effectiveness and cost of shuffling in a given shuffling
scenario. Finally, simulation and experimentation on an experimental software
defined network (SDN) indicate that our approach imposes an acceptable
shuffling overload and is effective in mitigating DDoS attacks
Markov modeling of moving target defense games
We introduce a Markov-model-based framework for Moving Target Defense (MTD) analysis. The framework allows modeling of broad range of MTD strategies, provides general theorems about how the probability of a successful adversary defeating an MTD strategy is related to the amount of time/cost spent by the adversary, and shows how a multi-level composition of MTD strategies can be analyzed by a straightforward combination of the analysis for each one of these strategies. Within the proposed framework we define the concept of security capacity which measures the strength or effectiveness of an MTD strategy: the security capacity depends on MTD specific parameters and more general system parameters. We apply our framework to two concrete MTD strategies
MTDeep: Boosting the Security of Deep Neural Nets Against Adversarial Attacks with Moving Target Defense
Present attack methods can make state-of-the-art classification systems based
on deep neural networks misclassify every adversarially modified test example.
The design of general defense strategies against a wide range of such attacks
still remains a challenging problem. In this paper, we draw inspiration from
the fields of cybersecurity and multi-agent systems and propose to leverage the
concept of Moving Target Defense (MTD) in designing a meta-defense for
'boosting' the robustness of an ensemble of deep neural networks (DNNs) for
visual classification tasks against such adversarial attacks. To classify an
input image, a trained network is picked randomly from this set of networks by
formulating the interaction between a Defender (who hosts the classification
networks) and their (Legitimate and Malicious) users as a Bayesian Stackelberg
Game (BSG). We empirically show that this approach, MTDeep, reduces
misclassification on perturbed images in various datasets such as MNIST,
FashionMNIST, and ImageNet while maintaining high classification accuracy on
legitimate test images. We then demonstrate that our framework, being the first
meta-defense technique, can be used in conjunction with any existing defense
mechanism to provide more resilience against adversarial attacks that can be
afforded by these defense mechanisms. Lastly, to quantify the increase in
robustness of an ensemble-based classification system when we use MTDeep, we
analyze the properties of a set of DNNs and introduce the concept of
differential immunity that formalizes the notion of attack transferability.Comment: Accepted to the Conference on Decision and Game Theory for Security
(GameSec), 201
- …