{"id":"https://openalex.org/W2895862525","doi":"https://doi.org/10.1145/3268966.3268977","title":"Dynamic Defense against Adaptive and Persistent Adversaries","display_name":"Dynamic Defense against Adaptive and Persistent Adversaries","publication_year":2018,"publication_date":"2018-01-15","ids":{"openalex":"https://openalex.org/W2895862525","doi":"https://doi.org/10.1145/3268966.3268977","mag":"2895862525"},"language":"en","primary_location":{"id":"doi:10.1145/3268966.3268977","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3268966.3268977","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3268977&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th ACM Workshop on Moving Target Defense","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"http://dl.acm.org/ft_gateway.cfm?id=3268977&type=pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079723268","display_name":"Radha Poovendran","orcid":"https://orcid.org/0000-0003-0269-8097"},"institutions":[{"id":"https://openalex.org/I201448701","display_name":"University of Washington","ror":"https://ror.org/00cvxb145","country_code":"US","type":"education","lineage":["https://openalex.org/I201448701"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Radha Poovendran","raw_affiliation_strings":["University of Washington, Seattle, WA, USA"],"affiliations":[{"raw_affiliation_string":"University of Washington, Seattle, WA, USA","institution_ids":["https://openalex.org/I201448701"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5079723268"],"corresponding_institution_ids":["https://openalex.org/I201448701"],"apc_list":null,"apc_paid":null,"fwci":0.1954,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.58312542,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"57","last_page":"58"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9922999739646912,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11195","display_name":"Simulation Techniques and Applications","score":0.9812999963760376,"subfield":{"id":"https://openalex.org/subfields/1803","display_name":"Management Science and Operations Research"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8146485686302185},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.5954481959342957},{"id":"https://openalex.org/keywords/resource","display_name":"Resource (disambiguation)","score":0.535376250743866},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.4940641224384308},{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.45433667302131653},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4514339566230774},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.44142913818359375},{"id":"https://openalex.org/keywords/information-flow","display_name":"Information flow","score":0.43530410528182983},{"id":"https://openalex.org/keywords/information-sensitivity","display_name":"Information sensitivity","score":0.42251908779144287},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.25164303183555603},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1324271857738495}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8146485686302185},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.5954481959342957},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.535376250743866},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.4940641224384308},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.45433667302131653},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4514339566230774},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.44142913818359375},{"id":"https://openalex.org/C2779136372","wikidata":"https://www.wikidata.org/wiki/Q10283002","display_name":"Information flow","level":2,"score":0.43530410528182983},{"id":"https://openalex.org/C137822555","wikidata":"https://www.wikidata.org/wiki/Q2587068","display_name":"Information sensitivity","level":2,"score":0.42251908779144287},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.25164303183555603},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1324271857738495},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3268966.3268977","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3268966.3268977","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3268977&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th ACM Workshop on Moving Target Defense","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3268966.3268977","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3268966.3268977","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3268977&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th ACM Workshop on Moving Target Defense","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/8","display_name":"Decent work and economic growth","score":0.6600000262260437}],"awards":[{"id":"https://openalex.org/G5051192394","display_name":null,"funder_award_id":"FA8650-15-C","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"},{"id":"https://openalex.org/G5501761068","display_name":null,"funder_award_id":"4-16-1-","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G6486092784","display_name":null,"funder_award_id":"FA8650-15-C-7556","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"},{"id":"https://openalex.org/G764410440","display_name":null,"funder_award_id":"N00014-16-1-2710","funder_id":"https://openalex.org/F4320338298","funder_display_name":"Office of Naval Research Global"},{"id":"https://openalex.org/G8201374460","display_name":null,"funder_award_id":"00014-16-1-2710","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G8325026323","display_name":null,"funder_award_id":"N00014-16-1-2710","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G8876996369","display_name":null,"funder_award_id":"N00014","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"}],"funders":[{"id":"https://openalex.org/F4320309321","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44"},{"id":"https://openalex.org/F4320310094","display_name":"University of Washington","ror":"https://ror.org/00cvxb145"},{"id":"https://openalex.org/F4320317074","display_name":"Worcester Polytechnic Institute","ror":"https://ror.org/05ejpqr48"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320337345","display_name":"Office of Naval Research","ror":"https://ror.org/00rk2pe57"},{"id":"https://openalex.org/F4320338298","display_name":"Office of Naval Research Global","ror":"https://ror.org/00rk2pe57"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2895862525.pdf","grobid_xml":"https://content.openalex.org/works/W2895862525.grobid-xml"},"referenced_works_count":2,"referenced_works":["https://openalex.org/W2893632805","https://openalex.org/W2912262279"],"related_works":["https://openalex.org/W2374400535","https://openalex.org/W2138926267","https://openalex.org/W2619988698","https://openalex.org/W1845042932","https://openalex.org/W2360781613","https://openalex.org/W8752188","https://openalex.org/W2295903522","https://openalex.org/W2007005906","https://openalex.org/W4399119920","https://openalex.org/W2109528286"],"abstract_inverted_index":{"This":[0],"talk":[1],"will":[2,25,47,199],"cover":[3],"two":[4],"topics,":[5],"namely,":[6],"modeling":[7,19,143,234],"and":[8,15,38,43,60,70,90,102,118,130,177,185,203,240,285],"design":[9],"of":[10,77,81,94,120,127,133,154,215,272],"Moving":[11],"Target":[12],"Defense":[13],"(MTD),":[14],"DIFT":[16],"games":[17],"for":[18,53,233,287],"Advanced":[20],"Persistent":[21],"Threats":[22],"(APTs).":[23],"We":[24,46,267],"first":[26],"present":[27,268],"a":[28,67,113,183,228,241],"game-theoretic":[29],"approach":[30,141],"to":[31,66,142,211],"characterizing":[32],"the":[33,50,100,103,115,124,128,131,134,148,151,160,187,197,213,217,235,260,269],"trade-off":[34],"between":[35,99,237],"resource":[36,221],"efficiency":[37],"defense":[39],"effectiveness":[40],"in":[41,159,196],"decoy-":[42],"randomization-based":[44],"MTD.":[45],"then":[48],"address":[49],"game":[51,129,231],"formulation":[52],"APTs.":[54],"APTs":[55,79,121,144,155],"are":[56,136,209],"mounted":[57],"by":[58],"intelligent":[59],"resourceful":[61],"adversaries":[62],"who":[63],"gain":[64],"access":[65],"targeted":[68,104],"system":[69,86,161,184,198],"gather":[71],"information":[72,125,157,180],"over":[73],"an":[74,238,247],"extended":[75],"period":[76],"time.":[78],"consist":[80],"multiple":[82],"stages,":[83],"including":[84],"initial":[85],"compromise,":[87],"privilege":[88],"escalation,":[89],"data":[91,257],"exfiltration,":[92],"each":[93],"which":[95,175],"involves":[96],"strategic":[97],"interaction":[98,108,236],"APT":[101,135,218,239,256],"system.":[105],"While":[106],"this":[107,224],"can":[109,163],"be":[110,164],"viewed":[111],"as":[112,243,245],"game,":[114],"stealthiness,":[116],"adaptiveness,":[117],"unpredictability":[119],"imply":[122],"that":[123,150,162,276],"structure":[126],"strategies":[132],"not":[137],"readily":[138],"available.":[139],"Our":[140,251],"is":[145,169,253],"based":[146],"on":[147,255,279],"insight":[149],"persistent":[152],"nature":[153],"creates":[156],"flows":[158,181,188,195],"monitored.":[165],"One":[166],"monitoring":[167],"mechanism":[168],"Dynamic":[170],"Information":[171],"Flow":[172],"Tracking":[173],"(DIFT),":[174],"taints":[176],"tracks":[178],"malicious":[179],"through":[182],"inspects":[186],"at":[189],"designated":[190],"traps.":[191],"Since":[192],"tainting":[193],"all":[194],"incur":[200],"significant":[201],"memory":[202],"storage":[204],"overhead,":[205],"efficient":[206,248],"tagging":[207],"policies":[208],"needed":[210],"maximize":[212],"probability":[214],"detecting":[216],"while":[219],"minimizing":[220],"costs.":[222],"In":[223],"work,":[225],"we":[226],"develop":[227],"multi-stage":[229],"stochastic":[230],"framework":[232],"DIFT,":[242],"well":[244],"designing":[246,280],"DIFT-based":[249],"defense.":[250],"model":[252],"grounded":[254],"gathered":[258],"using":[259],"Refinable":[261],"Attack":[262],"Investigation":[263],"(RAIN)":[264],"flow-tracking":[265],"framework.":[266],"current":[270],"state":[271],"our":[273],"formulation,":[274],"insights":[275],"it":[277],"provides":[278],"effective":[281],"defenses":[282],"against":[283],"APTs,":[284],"directions":[286],"future":[288],"work.":[289]},"counts_by_year":[{"year":2019,"cited_by_count":1}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}