An Efficient and Agile Spatio-temporal Route Mutation Moving Target Defense Mechanism

For the reasons that defect remedy is an endless arduous work for static network defense technologies and cyberspace security remains unguaranteed, moving target defense (MTD) is proposed to stem the tide. Whereas, as an important branch of MTD, route mutation technologies still have limitations against some sophisticated adversaries like Advanced Persistent Threat (APT), multiple-step complex or combined attacks. In this paper, we propose a new spatio-temporal route mutation method based on MTD. We first take the maximization of resistibility towards not only multiple forms of attacks but also attackers' long-term background knowledge into consideration. We also formulate the problem into a stochastic optimization model and make it possible to agilely generate the satisfying mutation route meets the demands of various parties jointly by only solving one uniform problem. Thus, network Security is guaranteed from both flows(users) and nodes(infrastructure) perspectives. Experimental results highlight the security advantages as traffic dispersion, potential victim number and attack failure rates of our method compared to existing solutions.