Design and modeling of moving target defense in workflow-based applications

This paper analyzes the tradeoffs between performance and resilience against cyber attacks of applications organized as workflows. The static nature of current workflows is a major benefit to attackers. To combat this advantage, a promising new approach inspired to Moving Target Defense (MTDs) was developed to increase a workflow’s robustness to cyber attacks. This approach is based on dynamic reconfigurations of workflow tasks to reduce an attacker’s probability of succeeding in completing the reconnaissance phase before launching an attack. Dynamic reconfigurations increase the resilience of a workflow against cyber attacks but increase its execution time due to the overhead of reconfigurations. As a part of this paper, we developed metrics that capture the impact of reconfigurations on a workflow’s execution time and resilience against cyber attacks. The paper also presents recursive algorithms for computing the execution time and the reconnaissance function of a workflow. Our analysis relied on extensive trace-driven simulations of workflows from five different traces from the Workflow Trace Archive (WTA) and we used 6000 workflows from three different domains: scientific computing, engineering, and industrial. Our analysis of the results showed that there is a significant difference at the 95% confidence level due to reconfiguration on the resilience of workflows and demonstrated a consistent behavior across all five trace domains.