Title: A layer-crossing multi-factor and dynamic security model over a moving target defence

Authors: Zhanwei Cui; Jianping Zeng; Chengrong Wu

Addresses: School of Computer Science, Fudan University, Shanghai, 200433, China ' School of Computer Science, Fudan University, Shanghai, 200433, China; Engineering Research Center of Cyber Security Auditing and Monitoring, China Ministry of Education, Shanghai, 200433, China ' School of Computer Science, Fudan University, Shanghai, 200433, China; Engineering Research Center of Cyber Security Auditing and Monitoring, China Ministry of Education, Shanghai, 200433, China

Abstract: Moving target defence mainly focus on the single parameter hopping and rarely refer to the hopping of multiple parameters in multiple layers. With the background of database security, this paper constructs a layer-crossing, multi-parameter and dynamic security model over moving target defence. Seven parameters which belong to different layers in the database application are defined, and two mathematical functions of successful attack probability and the reconnection time of the legitimate users are proposed. Then through mathematical analysis, this paper comes to the conclusion that it is impossible to let the successful attack probability and the average reconnection time take the minimum values at the same time. Finally, under specific scenarios, the specific expressions of the two functions and the optimal hopping interval of each parameter are present. The model proposed is not only applicable to the security of database system, but also to other information systems.

Keywords: moving target defence; layer-crossing; multi-parameter; security model; optimisation analysis.

DOI: 10.1504/IJICS.2021.117400

International Journal of Information and Computer Security, 2021 Vol.16 No.1/2, pp.150 - 169

Received: 20 Sep 2018
Accepted: 30 Dec 2018

Published online: 27 Aug 2021 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article