Moving target, deception, and other adaptive defenses

Benjamin Blakely, William Horsthemke, Alec Poczatec, Lovie Nowak, Nathaniel Evans

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

5 Scopus citations

Abstract

Moving target defenses raise the cost of an attack to make it more difficult or infeasible. Strategies to do so include implementing diversity, movement, and obfuscation at the platform, network, runtime environment, application, or data layer. Doing so, however, often requires an investment in software, hardware, procedure, or overhead (such as training) and can also increase the complexity of infrastructures being defended. In industrial control system contexts, this complexity and its impact upon performance and reliability might present obstacles to implement such defensive technologies. As the scope of possible domains for introducing moving target defense concepts is now well-defined and the considerations are largely enumerated, consideration must additionally be given to systems that can dynamically select optimal strategies in response to attacks. In this chapter, we will survey the foundations, principles, and domains of moving target defense, consider specific implementation examples, and evaluate the considerations for implementing deceptive and responsive strategies in industrial control systems applications.

Original languageEnglish
Title of host publicationAdvances in Information Security
PublisherSpringer New York LLC
Pages95-118
Number of pages24
DOIs
StatePublished - 2019
Externally publishedYes

Publication series

NameAdvances in Information Security
Volume75
ISSN (Print)1568-2633

Fingerprint

Dive into the research topics of 'Moving target, deception, and other adaptive defenses'. Together they form a unique fingerprint.

Cite this