Moving target defense in cloud computing: A systematic mapping study

Moving Target Defense (MTD) consists of applying system reconfiguration (e.g., VM migration, IP shuffling) to dynamically change the available attack surface. MTD makes use of reconfiguration to confuse attackers and nullify their knowledge about the system state. It also can be used as an attack reaction (e.g., using Virtual Machine (VM) migration to move VMs away from a compromised host). Thus, MTD seems to be a promising technique to tackle some of the cloud computing security challenges. In this systematic mapping study, we aim to investigate the current research state of Moving Target Defense in the cloud computing context, and to identify potential research gaps in the literature. Considering five major scientific databases in the computer science domain, we collected 224 papers related to the area. After disambiguation and filtering, we selected 95 papers for analysis. The outcome of such analysis offers a comprehensive overview of the current research. We can highlight some relevant research opportunities. First, only a few works present advances in the theoretical field of Moving Target Defense in cloud computing. Second, the proposal and evaluation of multi-layer Moving Target Defense mechanisms is still an open problem. Thirdly, there is a need for frameworks to support MTD evaluation, which may include a benchmark for comparing alternative MTD strategies. Finally, the study of potential impacts of Moving Target Defense in context-oriented clouds is a barely explored topic. (C) 2020 Elsevier Ltd. All rights reserved.