Markov Decision Process to Enforce Moving Target Defence Policies
Moving Target Defense (MTD) is an emerging game-changing defense strategy in cybersecurity with the goal of strengthening defenders and conversely puzzling adversaries in a network environment. The successful deployment of an MTD system can be affected by several factors including 1) the effectiveness of the employed technique, 2) the deployment strategy, 3) the cost of the MTD implementation, and 4) the impact yielded by the enforced security policies. Many research efforts have been spent on introducing a variety of MTD techniques which are often evaluated through simulations. Nevertheless, this line of research needs more attention. In particular, the determination of optimal cost and policy analysis and the selection of those policies in an MTD setting is still an open research question. To advance the state-of-the-art of this line of research, this paper introduces an approach based on control theory to model, analyze and select optimal security policies for Moving Target Defense (MTD) deployment strategies. A Markov Decision Process (MDP) scheme is presented to model states of the system from attacking point of view. The employed value iteration method is based on the Bellman optimality equation for optimal policy selection for each state defined in the system. The model is then utilized to analyze the impact of various costs on the optimal policy. The MDP model is then applied to two case studies to evaluate the performance of the model.
READ FULL TEXT