CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 9456 > Article
Paper
23 May 2015 Quantification of moving target cyber defenses
Katheryn A. Farris, George Cybenko
Author Affiliations +
Proceedings Volume 9456, Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security, Defense, and Law Enforcement XIV; 94560L (2015) https://doi.org/10.1117/12.2182176
Event: SPIE Defense + Security, 2015, Baltimore, MD, United States
Abstract
Current network and information systems are static, making it simple for attackers to maintain an advantage. Adaptive defenses, such as Moving Target Defenses (MTD) have been developed as potential “game-changers” in an effort to increase the attacker’s workload. With many new methods being developed, it is difficult to accurately quantify and compare their overall costs and effectiveness. This paper compares the tradeoffs between current approaches to the quantification of MTDs. We present results from an expert opinion survey on quantifying the overall effectiveness, upfront and operating costs of a select set of MTD techniques. We find that gathering informed scientific opinions can be advantageous for evaluating such new technologies as it offers a more comprehensive assessment. We end by presenting a coarse ordering of a set of MTD techniques from most to least dominant. We found that seven out of 23 methods rank as the more dominant techniques. Five of which are techniques of either address space layout randomization or instruction set randomization. The remaining two techniques are applicable to software and computer platforms. Among the techniques that performed the worst are those primarily aimed at network randomization.
© (2015) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Katheryn A. Farris and George Cybenko "Quantification of moving target cyber defenses", Proc. SPIE 9456, Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security, Defense, and Law Enforcement XIV, 94560L (23 May 2015); https://doi.org/10.1117/12.2182176
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 8 PAGES
DOWNLOAD PAPER SAVE TO MY LIBRARY
GET CITATION
Lens.org Logo
CITATIONS
Cited by 13 scholarly publications.
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Computer security
Network security
Defense and security
Computing systems
Operating systems
Computer networks
Analytical research
RELATED CONTENT
An asset valuation approach using fuzzy logic
Proceedings of SPIE (May 21 2015)
Rootkits and the OS friendly microprocessor architecture
Proceedings of SPIE (May 01 2017)
Considerations and foundations for Botnet simulation
Proceedings of SPIE (April 13 2009)
Visual behavior characterization for intrusion and misuse detection
Proceedings of SPIE (May 03 2001)
Personal privacy, information assurance, and the threat posed by malware...
Proceedings of SPIE (April 18 2006)
Bot armies as threats to network security
Proceedings of SPIE (April 09 2007)
A study on fuzzy intrusion detection
Proceedings of SPIE (March 28 2005)
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top