Spatial-Temporal Moving Target Defense: A Markov Stackelberg Game Model
This work addresses security challenges for system defenders by providing a novel game-theoretic approach to moving target defense, though it appears incremental in applying existing models to this specific context.
The paper tackles the problem of protecting vulnerable systems against persistent attacks by proposing a Markov Stackelberg Game framework to optimize spatial and temporal decisions in moving target defense, with empirical evaluation showing its advantages in real-world scenarios.
Moving target defense has emerged as a critical paradigm of protecting a vulnerable system against persistent and stealthy attacks. To protect a system, a defender proactively changes the system configurations to limit the exposure of security vulnerabilities to potential attackers. In doing so, the defender creates asymmetric uncertainty and complexity for the attackers, making it much harder for them to compromise the system. In practice, the defender incurs a switching cost for each migration of the system configurations. The switching cost usually depends on both the current configuration and the following configuration. Besides, different system configurations typically require a different amount of time for an attacker to exploit and attack. Therefore, a defender must simultaneously decide both the optimal sequences of system configurations and the optimal timing for switching. In this paper, we propose a Markov Stackelberg Game framework to precisely characterize the defender's spatial and temporal decision-making in the face of advanced attackers. We introduce a relative value iteration algorithm that computes the defender's optimal moving target defense strategies. Empirical evaluation on real-world problems demonstrates the advantages of the Markov Stackelberg game model for spatial-temporal moving target defense.