TIIS (Çѱ¹ÀÎÅͳÝÁ¤º¸ÇÐȸ)
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
SD-MTD: Software-Defined Moving-Target Defense for Cloud-System Obfuscation |
| ¿µ¹®Á¦¸ñ(English Title) |
SD-MTD: Software-Defined Moving-Target Defense for Cloud-System Obfuscation |
| ÀúÀÚ(Author) |
Ki-Wan Kang
Jung Taek Seo
Sung Hoon Baek
Chul Woo Kim
Ki-Woong Park
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 16 NO. 03 PP. 1063 ~ 1075 (2022. 03) |
Çѱ۳»¿ë
(Korean Abstract) |
|
¿µ¹®³»¿ë
(English Abstract) |
In recent years, container techniques have been broadly applied to cloud computing systems to maximize their efficiency, flexibility, and economic feasibility. Concurrently, studies have also been conducted to ensure the security of cloud computing. Among these studies, movingtarget defense techniques using the high agility and flexibility of cloud-computing systems are gaining attention. Moving-target defense (MTD) is a technique that prevents various security threats in advance by proactively changing the main attributes of the protected target to confuse the attacker. However, an analysis of existing MTD techniques revealed that, although they are capable of deceiving attackers, MTD techniques have practical limitations when applied to an actual cloud-computing system. These limitations include resource wastage, management complexity caused by additional function implementation and system introduction, and a potential increase in attack complexity. Accordingly, this paper proposes a software-defined MTD system that can flexibly apply and manage existing and future MTD techniques. The proposed software-defined MTD system is designed to correctly define a valid mutation range and cycle for each moving-target technique and monitor system-resource status in a software-defined manner. Consequently, the proposed method can flexibly reflect the requirements of each MTD technique without any additional hardware by using a softwaredefined approach. Moreover, the increased attack complexity can be resolved by applying multiple MTD techniques. |
| Å°¿öµå(Keyword) |
Cloud Computing System
Container Orchestration
Moving-Target Defense
System Obfuscation
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
