
The evaluation of performance cost for network based moving target defense
Author(s) -
Xinli Xiong,
LI Ke-chang,
Guangyao Zhao
Publication year - 2019
Publication title -
journal of physics. conference series
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.21
H-Index - 85
eISSN - 1742-6596
pISSN - 1742-6588
DOI - 10.1088/1742-6596/1303/1/012109
Subject(s) - computer science , queueing theory , petri net , queue , throughput , distributed computing , stochastic petri net , event (particle physics) , server , transformation (genetics) , computer network , real time computing , telecommunications , biochemistry , physics , chemistry , quantum mechanics , wireless , gene
Network based moving target defense prevents attackers from reliably contacting a system by re-configuring network factors. Although limited researching has demonstrated it to be practical and feasible, little studies have been conducted to evaluate the performance cost appended to the original system. Without quantitative results, it is challenging to implement moving target techniques to typical information system broadly. This paper introduces a Queueing Petri Net model that can provide insight into the performance of network re-configurations. This model quantifies the system throughput, queue utilization and response time of requests regarding configurations of the information system, type of strategies for mutation and the frequency of networking transformation. Through logical deductions and simulations using Queueing Petri net Modelling Environment, results show that the network shifting method is an affordable defense technology compared to the performance loss in the processing of servers. Moreover, event-based strategies can get the trade-off between security and performance. These results guide the research deep into developing a more optimized method in moving target defense.