Parametrization and Effectiveness of Moving Target Defense Security Protections within Industrial Control Systems
Critical infrastructure systems continue to foster predictable communication patterns and static configurations over extended periods of time. The static nature of these systems eases the process of gathering reconnaissance information that adversaries can use to design, develop and launch attacks. In this research effort, the early phases of an attack vector will be disrupted by randomizing port numbers, IP addresses, and communication paths dynamically through the use of overlay networks. These protective measures convert static systems into "moving targets," adding an additional layer of defense. Moving Target Defense (MTD) is an active area of research that periodically changes the attack surface of a system to create uncertainty and increase the workload for an adversary. To assess the effectiveness of MTD strategies within a critical infrastructure environment, performance metrics have been captured to quantify the impacts introduced to the operational network and to the adversary. The MTD strategies have been designed to be crash tolerant and Byzantine fault tolerant to improve their resilience in an operational setting. Optimizing the parameters of network-based MTD techniques, such as the frequencies of reconfiguration, while minimizing the impact to the operational network is the focus of this research.
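
One way the periodic port randomization and its reconfiguration frequency could be parametrized, as an added example that is not code from this research: both endpoints derive the current port from a shared key and the time window, and a helper measures how long a stale reconnaissance result stays valid for a given interval. The HMAC-based schedule, the key, the port range and the `scada-link` label are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

PORT_MIN, PORT_MAX = 20000, 60000  # assumed hop range, constructed for this example


def epoch_for(t: float, interval: float) -> int:
    """Index of the reconfiguration window that contains time t (seconds)."""
    return int(t // interval)


def port_for_epoch(key: bytes, service: str, epoch: int) -> int:
    """Port for one window; unpredictable to anyone who lacks the shared key."""
    msg = service.encode() + struct.pack(">Q", epoch)
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    span = PORT_MAX - PORT_MIN + 1
    return PORT_MIN + int.from_bytes(digest[:8], "big") % span


def accepted_ports(key: bytes, service: str, t: float,
                   interval: float, skew: float) -> set:
    """Ports a receiver honours at time t, tolerating clock skew < interval."""
    epochs = {epoch_for(max(x, 0.0), interval) for x in (t - skew, t, t + skew)}
    return {port_for_epoch(key, service, e) for e in epochs}


def stale_scan_validity(key: bytes, service: str, interval: float,
                        scan_time: float, horizon: float, step: float = 1.0) -> float:
    """Fraction of the horizon after a scan in which the scanned port is still live."""
    seen = port_for_epoch(key, service, epoch_for(scan_time, interval))
    samples = int(horizon / step)
    live = sum(
        port_for_epoch(key, service, epoch_for(scan_time + k * step, interval)) == seen
        for k in range(samples)
    )
    return live / samples


if __name__ == "__main__":
    key = b"constructed-demo-key"   # placeholder, not a real secret
    for interval in (600, 60, 10):  # candidate reconfiguration periods, seconds
        share = stale_scan_validity(key, "scada-link", interval, 0, 600)
        hops_per_hour = 3600 // interval  # operational cost: reconfigurations per hour
        print(f"interval={interval:>3}s  scan valid {share:.0%} of 10 min  "
              f"hops/hour={hops_per_hour}")
```

Shorter intervals shrink the window in which gathered reconnaissance is usable but raise the number of reconfigurations the operational network must absorb, which is the trade-off the parameter search has to balance.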