Moving Target Defense – a paradigm shift in network security

Securing your corporate network against intruders becomes increasingly challenging as the number of connected devices and cloud services grows.

To date, attackers have generally been at an advantage: an attacker only needs to find a single hole in the defenses in order to launch an attack, and the attack surface has been growing steadily. Moving Target Defense is an innovative concept that tries to eliminate this imbalance. The network constantly readjusts itself and hides each participant within it, so that the attack surface keeps changing. The attack surface can thereby be significantly decreased, since an attacker only has access to a small portion of the system at any one time. In this way, Moving Target Defense can help level the playing field between attackers and defenders by providing a means to decrease the attack surface despite the increased complexity of modern networks.

Here at DSI, we take a look at this promising technology from a scientific perspective. Together with our project funder Rheinmetall, we evaluate the new concepts and try to put them on a sound theoretical basis. In particular, we develop modeling techniques that allow us to make very concrete statements about the added benefits of different Moving Target Defense techniques and analyse their efficiency compared with traditional countermeasures such as firewalls.
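The two claims above, that an attacker can reach only a small portion of the system at any one time and that the added benefit of a Moving Target Defense technique can be stated concretely through a model, can be made tangible with a small search-cost model. The following Python block is an added illustration and not DSI's or Rheinmetall's modeling technique; the address-space size n, the attacker's probe budget k per round, and the assumption that the defended service is re-randomised uniformly after every round are all constructed for the example. It compares a static layout, where the attacker sweeps the space once, with an MTD layout, where earlier empty probes carry no information because the service may have moved, and checks the closed-form results against a seeded Monte Carlo run.

```python
"""Toy model of how Moving Target Defense (MTD) changes an attacker's search cost.

Added illustration; this is not DSI's or Rheinmetall's model. Constructed
assumptions:
- The defended service sits at one of n possible addresses (think of a
  randomised IP address or port in an otherwise empty range).
- The attacker knows nothing about the placement and probes k distinct
  addresses per round.
- Static network: the address never changes, so the attacker never needs
  to re-probe an address that was found empty.
- MTD network: the address is re-drawn uniformly at random after every
  round, so an empty address may hold the service next round and earlier
  negative results carry no information.
"""
from fractions import Fraction
import random


def exposed_fraction(n: int, k: int) -> Fraction:
    """Share of the n-address space the attacker can reach in one round.

    Under MTD this is the only portion of the system exposed at any one time."""
    return Fraction(k, n)


def expected_rounds_static(n: int, k: int) -> Fraction:
    """Expected rounds until a fixed target is hit.

    The target is uniform over n addresses and the attacker probes k fresh
    addresses per round, so it is found in round r exactly when its position
    lies within probes (r-1)*k+1 .. r*k."""
    rounds = -(-n // k)  # ceil(n / k): the whole space has been swept by then
    total = Fraction(0)
    for r in range(1, rounds + 1):
        hit_in_r = min(r * k, n) - min((r - 1) * k, n)
        total += r * Fraction(hit_in_r, n)
    return total


def expected_rounds_mtd(n: int, k: int) -> Fraction:
    """Expected rounds when the target is re-randomised every round.

    Each round is an independent trial with success probability k/n, so the
    round count is geometric with mean n/k."""
    return Fraction(n, k)


def effort_ratio(n: int, k: int) -> float:
    """How many times more rounds MTD costs the attacker than a static layout."""
    return float(expected_rounds_mtd(n, k) / expected_rounds_static(n, k))


def simulate_mean_rounds(n: int, k: int, moving: bool,
                         trials: int = 2000, seed: int = 1) -> float:
    """Monte Carlo check of the closed-form values (seeded, so reproducible)."""
    rng = random.Random(seed)
    addresses = list(range(n))
    total_rounds = 0
    for _ in range(trials):
        target = rng.randrange(n)
        order = addresses[:]
        rng.shuffle(order)  # the attacker's sweep order for the static case
        r = 0
        while True:
            r += 1
            if moving:
                target = rng.randrange(n)          # defender re-randomises
                probes = rng.sample(addresses, k)  # k distinct probes this round
            else:
                probes = order[(r - 1) * k: r * k]
            if target in probes:
                break
        total_rounds += r
    return total_rounds / trials


if __name__ == "__main__":
    n, k = 1000, 10
    print(f"exposed per round: {exposed_fraction(n, k)}")
    print(f"static: {float(expected_rounds_static(n, k)):.1f} rounds, "
          f"simulated {simulate_mean_rounds(n, k, False):.1f}")
    print(f"MTD:    {float(expected_rounds_mtd(n, k)):.1f} rounds, "
          f"simulated {simulate_mean_rounds(n, k, True):.1f}")
    print(f"attacker effort ratio: {effort_ratio(n, k):.2f}")
```

With n = 1000 and k = 10 the attacker sees one percent of the space per round; the static sweep takes 50.5 rounds on average, while uniform re-randomisation raises this to 100, roughly doubling the effort and, more importantly, turning a search that is guaranteed to finish within 100 rounds into one with an unbounded tail. The same skeleton can be extended with a firewall that blocks a fixed fraction of probes, which is the kind of comparison against traditional countermeasures the text mentions.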