Analysis of Port Hopping for Proactive Cyber Defense
نویسندگان
چکیده
Port hopping is a typical proactive cyber defense technology, which hides the service identity and confuses attackers during reconnaissance by constantly altering service ports. Although several kinds of port hopping mechanisms have been proposed and implemented, but it is still unknown how effective port hopping is and under what circumstances it is a viable moving target defense because the existed works are limited and they usually discuss only a few parameters. Besides, in many cases the defense effectiveness has been studied empirically. In order to have an insight into the effectiveness of port hopping, this paper introduces a quantitative analysis based on the urn model, which quantifies the probability of attacker success in terms of port pool size, number of probes, number of vulnerable services, and hopping frequency. Theoretical analysis shows that port hopping is an effective and promising proactive defense technology in thwarting cyber attacks.
منابع مشابه
Moving target defense for securing smart grid communications: Architectural design, implementation and evaluation
Supervisory Control And Data Acquisition (SCADA) communications are often subjected to various kinds of sophisticated cyber-attacks which can have a serious impact on the Critical Infrastructure such as the power grid. Most of the time, the success of the attack is based on the static characteristics of the system, thereby enabling an easier profiling of the target system(s) by the adversary an...
متن کاملApplication of Stochastic Optimal Control, Game Theory and Information Fusion for Cyber Defense Modelling
The present paper addresses an effective cyber defense model by applying information fusion based game theoretical approaches. In the present paper, we are trying to improve previous models by applying stochastic optimal control and robust optimization techniques. Jump processes are applied to model different and complex situations in cyber games. Applying jump processes we propose some m...
متن کاملHacking Back: Not the Right Solution
In cyberspace attackers enjoy an advantage over defenders, which has popularized the concept of “active cyber defense”— offensive actions intended to punish or deter the adversary. This article argues active cyber defense is not a practical course of action to obtain tactical and strategic objectives. Instead, “aggressive cyber defense,” a proactive security solution, is a more appropriate opti...
متن کاملFederated Cloud Security Architecture for Secure and Agile Clouds
Cyber threats against clouds have evolved rapidly. Traditional reactive cyber defense technologies are not effective and sufficient to protect federated clouds. This chapter introduces the novel federated cloud security architecture that includes proactive cloud defense technologies for secure and agile cloud development. The federated security architecture consists of a set of seamlessly integ...
متن کاملA Proactive Holistic Approach to Strategic Cyber Defense
We need to change our approach to cyber defense if we are to succeed. We must deeply understand our adversaries, develop effective defensive strategies that will stand the test of time and evolution, and create a new discipline to make this happen. Here is how we start.
متن کامل