[1] |
JAJODIA S , GHOSH A K , SWARUP V ,et al. Moving target defense[M]. Springer New York, 2011.
|
[2] |
JAQUITH A . Security metrics:replacing fear,uncertainty,and doubt[M]. Addison-Wesley Professional, 2007.
|
[3] |
OKHRAVI H , RABE M A , MAYBERRY T J ,et al. Survey of cyber moving target techniques[R]. Massachusetts Inst of Tech Lexington Lincoln Lab, 2013.
|
[4] |
OKHRAVI H , HOBSON T , BIGELOW D ,et al. finding focus in the blur of moving-target techniques[J]. IEEE Security & Privacy, 2014,12(2): 16-26.
|
[5] |
CADAR C , AKRITIDIS P , COSTA M ,et al. Data randomization[R]. 2008.
|
[6] |
CHANG W , STREIFF B , LIN C . Efficient and extensible security enforcement using dynamic data flow analysis[C]// ACM Conference on Computer and Communications Security. 2008: 39-50.
|
[7] |
ALLEN R , DOUENCE R , GARLAN D . Specifying and analyzing dynamic software architectures[C]// International Conference on Fundamental Approaches To Software. DBLP, 1998: 21-37.
|
[8] |
HOORN A V , WALLER J , HASSELBRING W . Kieker:a framework for application performance monitoring and dynamic software analysis[C]// ACM/spec International Conference on PERFOR MANCE Engineering. 2012: 247-248.
|
[9] |
ROEDER T , SCHNEIDER F B . Proactive obfuscation[J]. ACM Transactions on Computer Systems, 2009,28(2): 1973-1991.
|
[10] |
BOYD S W , KC G S , LOCASTO M E ,et al. On the general applicability of instruction-set randomization[J]. IEEE Transactions on Dependable and Secure Computing, 2010,7(3): 255-270.
|
[11] |
KIL C , JUN J , BOOKHOLT C ,et al. Address space layout permutation (ASLP):towards fine-grained randomization of commodity software[C]// 22nd Annual Computer Security Applications Conference,2006 (ACSAC'06). 2006: 339-348.
|
[12] |
FEDCHENKO O A . WO/2014/129928[P]. 2006:
|
[13] |
ARONSON J E . A survey of dynamic network flows[J]. Annals of Operations Research, 1989,20(1): 1-66.
|
[14] |
CHANG H C , HSIEH M D , TSENG C C ,et al. Dynamic network address translation system and method of transparent private network device:US,US7577144[P]. 2009.
|
[15] |
ANTONATOS S S , AKRITIDIS P , MARKATOS E P ,et al. Defending against hitlist worms using network address space randomization[J]. Computer Networks, 2007,51(12): 3471-3490.
|
[16] |
ANDERSEN D G , BALAKRISHNAN H , KAASHOEK M F ,et al. The case for resilient overlay networks[C]// The Workshop on Hot Topics in Operating Systems, 200135: 152-157.
|
[17] |
MARTIN L . Cyber kill chain[EB/OL]. , 2014.
|
[18] |
OU X , SINGHAL A . The common vulnerability scoring system (CVSS)[M]// Quantitative Security Risk Assessment of Enterprise Networks. 2012: 9-12.
|
[19] |
MARCUS P , et al . A survey on systems security metrics[C]// ACM Computing Surveys (CSUR) 49.4. 2017:62.
|
[20] |
RAMOS A , LAZAR M , HOLANDA FILHO R ,et al. Model-based quantitative network security metrics:a survey[J]. IEEE Communications Surveys & Tutorials, 2017,19(4): 2704-2734.
|
[21] |
WANG L , JAJODIA S , SINGHAL A . Network security metrics[M]. Berlin: SpringerPress, 2017.
|
[22] |
NGUYEN-TUONG A , EVANS D , KNIGHT J C ,et al. Security through redundant data diversity[C]// Dependable Systems and Networks With FTCS and DCC,2008.DSN 2008.IEEE International Conference on. IEEE, 2008: 187-196.
|
[23] |
SMUTZ C , STAVROU A . Preventing exploits in microsoft office documents through content randomization[C]// International Workshop on Recent Advances in Intrusion Detection. 2015: 225-246.
|
[24] |
VIKRAM S , YANG C , GU G . Nomad:Towards non-intrusive moving-target defense against web bots[C]// 2013 IEEE Conference on Communications and Network Security (CNS). 2013: 55-63.
|
[25] |
PATTUK E , KANTARCIOGLU M , LIN Z ,et al. Preventing cryptographic key leakage in cloud virtual machines[C]// Usenix Conference on Security Symposium. 2014: 703-718.
|
[26] |
AMMANN P E , KNIGHT J C . Data diversity:an approach to software fault tolerance[J]. IEEE Transactions on Computers, 1988,37(4): 418-425.
|
[27] |
KONING K , BOS H , GIUFFRIDA C . Secure and efficient multi-variant execution using hardware-assisted process virtualization[C]// 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). 2016: 431-442.
|
[28] |
CRANE S , HOMESCU A , BRUNTHALER S ,et al. Thwarting cache side-channel attacks through dynamic software diversity[C]// NDSS. 2015: 8-11.
|
[29] |
TROMER E , OSVIK D A , SHAMIR A . Efficient cache attacks on AES,and countermeasures[J]. Journal of Cryptology, 2010,23(1): 37-71.
|
[30] |
EVANS D , NGUYEN-TUONG A , KNIGHT J . Effectiveness of moving target defenses[C]// Moving Target Defense. Springer New York, 2011: 29-48.
|
[31] |
OKHRAVI H , RIORDAN J , CARTER K . Quantitative evaluation of dynamic platform techniques as a defensive mechanism[C]// International Workshop on Recent Advances in Intrusion Detection. 2014: 405-425.
|
[32] |
OKHRAVI H , COMELLA A , ROBINSON E ,et al. Creating a cyber moving target for critical infrastructure applications using platform diversity[J]. International Journal of Critical Infrastructure Protection, 2012,5(1): 30-39.
|
[33] |
CAI G , WANG B , LUO Y ,et al. A model for evaluating and comparing moving target defense techniques based on generalized stochastic petri net[C]// Conference. Springer,Singapore, 2016: 184-197.
|
[34] |
MARSAN M A , BALBO G , CONTE G ,et al. Modelling with generalized stochastic petri nets[M]. John Wiley & Sons,Inc. 1995.
|
[35] |
ANDERSON N , MITCHELL R , CHEN R . Parameterizing moving target defenses[C]// 2016 8th IFIP International Conference on New Technologies,Mobility and Security (NTMS). 2016: 1-6.
|
[36] |
COLLINS M P , . A cost-based mechanism for evaluating the effectiveness of moving target defenses[C]// International Conference on Decision and Game Theory for Security. 2012: 221-233.
|
[37] |
HONG J B , KIM D S . Assessing the effectiveness of moving target defenses using security models[J]. IEEE Transactions on Dependable and Secure Computing, 2016,13(2): 163-177.
|
[38] |
CROUSE M , PROSSER B , FULP E W . Probabilistic performance analysis of moving target and deception reconnaissance defenses[C]// The Second ACM Workshop on Moving Target Defense. 2015: 21-29.
|
[39] |
ZHUANG R , ZHANG S , DELOACH S A ,et al. Simulation-based approaches to studying effectiveness of moving-target network defense[C]// National Symposium on Moving Target Research. 2012: 1-12.
|
[40] |
SCHMIDT S , BYE R , CHINNOW J ,et al. Application-level simulation for network security[C]// International Conference on Simulation TOOLS and Techniques for Communications,Networks and Systems & Workshops. 2010:33.
|
[41] |
ZAFFARANO K , TAYLOR J , HAMILTON S . A quantitative framework for moving target defense effectiveness evaluation[C]// The Second ACM Workshop on Moving Target Defense. 2015: 3-10.
|
[42] |
ESKRIDGE T C , CARVALHO M M , STONER E ,et al. VINE:a cyber emulation environment for MTD experimentation[C]// ACM Workshop on Moving Target Defense. 2015: 43-47.
|
[43] |
JONES S T , OUTKIN A V , GEARHART J L ,et al. PLADD:deterring attacks on cyber systems and moving target defense[R]. 2017.
|
[44] |
CONNELL W , ALBANESE M , VENKATESAN S . A framework for moving target defense quantification[M]// ICT Systems Security and Privacy Protection. 2017.
|