Abstract:
Nowadays, network configurations are typically deterministic, static, and homogeneous. These features reduce the difficulties for cyber attackers scanning the network to identify specific targets and gather essential information, which gives the attackers asymmetric advantages of building up, launching and spreading attacks. Thus the defenders are always at a passive position, and the existing defense mechanisms and approaches cannot reverse this situation. Moving target defense (MTD) is proposed as a new revolutionary technology to alter the asymmetric situation of attacks and defenses. It keeps moving the attack surface of the protected target through dynamic shifting, which can be controlled and managed by the administrator. In this way, the attack surface exposed to attackers appears chaotic and changes over time. Therefore, the work effort, i.e., the cost and complexity, for the attackers to launch a successful attack, will be greatly increased. As a result, the probability of successful attacks will be decreased, and the resiliency and security of the protected target will be enhanced effectively. In this paper, we firstly introduce the basic concepts of MTD, and classify the related works into categories according to their research field. Then, under each category, we give a detailed description on the existing work, and analyze and summarize them separately. Finally, we present our understandings on MTD, and summarize the current research status, and further discuss the development trends in this field.