{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T23:31:32Z","timestamp":1769729492721,"version":"3.49.0"},"publisher-location":"Cham","reference-count":53,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319664019","type":"print"},{"value":"9783319664026","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-66402-6_11","type":"book-chapter","created":{"date-parts":[[2017,8,11]],"date-time":"2017-08-11T13:44:11Z","timestamp":1502459051000},"page":"167-186","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["MTD CBITS: Moving Target Defense for Cloud-Based IT Systems"],"prefix":"10.1007","author":[{"given":"Alexandru G.","family":"Bardas","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sathya Chandran","family":"Sundaramurthy","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xinming","family":"Ou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Scott A.","family":"DeLoach","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,8,12]]},"reference":[{"key":"11_CR1","unstructured":"Chaos Monkey. https:\/\/github.com\/netflix\/chaosmonkey. Accessed Apr 2017"},{"key":"11_CR2","unstructured":"http-perf. https:\/\/www.npmjs.com\/package\/http-perf. Accessed Apr 2017"},{"key":"11_CR3","unstructured":"PaX ASLR. https:\/\/pax.grsecurity.net\/docs\/aslr.txt. Accessed Apr 2017"},{"key":"11_CR4","series-title":"Advances in Information Security","doi-asserted-by":"publisher","first-page":"153","DOI":"10.1007\/978-1-4614-0977-9_9","volume-title":"Moving Target Defense","author":"E Al-Shaer","year":"2011","unstructured":"Al-Shaer, E.: Toward network configuration randomization for moving target defense. In: Jajodia, S., Ghosh, A., Swarup, V., Wang, C., Wang, X. (eds.) Moving Target Defense. Advances in Information Security, vol. 54, pp. 153\u2013159. Springer, New York (2011). doi:10.1007\/978-1-4614-0977-9_9"},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"Albanese, M., De Benedictis, A., Jajodia, S., Sun, K.: A moving target defense mechanism for MANETs based on identity virtualization. In: IEEE CNS (2013)","DOI":"10.1109\/CNS.2013.6682717"},{"key":"11_CR6","doi-asserted-by":"crossref","unstructured":"Antonatos, S., Akritidis, P., Markatos, E.P., Anagnostakis, K.G.: Defending against Hitlist worms using network address space randomization. In: ACM WORM (2005)","DOI":"10.1145\/1103626.1103633"},{"key":"11_CR7","doi-asserted-by":"crossref","unstructured":"Armbust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., Zaharia, M.: A view of cloud computing. In: ACM CACM (2010)","DOI":"10.1145\/1721654.1721672"},{"key":"11_CR8","doi-asserted-by":"crossref","unstructured":"Bauer, K., Dedhia, V., Skowyra, R., Streilein, W., Okhravi, H.: Multi-variant execution to protect unpatched software. In: RWS (2015)","DOI":"10.1109\/RWEEK.2015.7287427"},{"key":"11_CR9","doi-asserted-by":"crossref","unstructured":"Boyd, S.W., Kc, G.S., Locasto, M.E., Keromytis, A.D., Prevelakis, V.: On the general applicability of instruction-set randomization. In: IEEE TDSC, July 2010","DOI":"10.1109\/TDSC.2008.58"},{"key":"11_CR10","unstructured":"Canonical, Metal as a Service (MAAS). https:\/\/maas.io\/. Accessed Apr 2017"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Casola, V., Benedictis, A.D., Albanese, M.: A moving target defense approach for protecting resource-constrained distributed devices. In: IEEE IRI (2013)","DOI":"10.1109\/IRI.2013.6642449"},{"key":"11_CR12","unstructured":"Chef. https:\/\/www.chef.io\/chef\/. Accessed Mar 2017"},{"key":"11_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-319-24174-6_4","volume-title":"Computer Security \u2013 ESORICS 2015","author":"P Chen","year":"2015","unstructured":"Chen, P., Xu, J., Lin, Z., Xu, D., Mao, B., Liu, P.: A practical approach for adaptive data structure layout randomization. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9326, pp. 69\u201389. Springer, Cham (2015). doi:10.1007\/978-3-319-24174-6_4"},{"key":"11_CR14","series-title":"Advances in Information Security","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1007\/978-1-4614-0977-9_7","volume-title":"Moving Target Defense","author":"M Christodorescu","year":"2011","unstructured":"Christodorescu, M., Fredrikson, M., Jha, S., Giffin, J.: End-to-End software diversification of internet services. In: Jajodia, S., Ghosh, A., Swarup, V., Wang, C., Wang, X. (eds.) Moving Target Defense. Advances in Information Security, vol. 54, pp. 117\u2013130. Springer, New York (2011). doi:10.1007\/978-1-4614-0977-9_7"},{"key":"11_CR15","unstructured":"Crowdstrike, Bears in the Midst. https:\/\/goo.gl\/djML8Q. Accessed Apr 2017"},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"Cybenko, G., Hughes, J.: No free lunch in cyber security. In: MTD (2014)","DOI":"10.1145\/2663474.2663475"},{"key":"11_CR17","doi-asserted-by":"crossref","unstructured":"De Capitani, S., di Vimercati, S., Foresti, S., Jajodia, S.P., Samarati, P.: Efficient integrity checks for join queries in the cloud. In: IOS JCS (2016)","DOI":"10.3233\/JCS-160545"},{"key":"11_CR18","unstructured":"Democratic National Committee. https:\/\/goo.gl\/nxemkK. Accessed Apr 2017"},{"key":"11_CR19","unstructured":"DHS, Moving Target Defense. https:\/\/goo.gl\/5qXtoH. Accessed Apr 2017"},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"Dunlop, M., Groat, S., Urbanski, W., Marchany, R., Tront, J.: MT6D: a moving target IPv6 defense. In: IEEE MILCOM (2011)","DOI":"10.1109\/MILCOM.2011.6127486"},{"key":"11_CR21","doi-asserted-by":"crossref","unstructured":"Eskridge, T.C., Carvalho, M.M., Stoner, E., Toggweiler, T., Granados, A.: VINE: a cyber emulation environment for MTD experimentation. In: ACM MTD (2015)","DOI":"10.1145\/2808475.2808486"},{"key":"11_CR22","doi-asserted-by":"crossref","unstructured":"Evans, D., Nguyen-Tuong, A., Knight, J.: Effectiveness of Moving Target Defenses (2011)","DOI":"10.1007\/978-1-4614-0977-9_2"},{"key":"11_CR23","doi-asserted-by":"crossref","unstructured":"Hobson, T., Okhravi, H., Bigelow, D., Rudd, R., Streilein, W.: On the challenges of effective movement. In: ACM MTD (2014)","DOI":"10.1145\/2663474.2663480"},{"key":"11_CR24","unstructured":"Homescu, A., Jackson, T., Crane, S., Brunthaler, S., Larsen, P., Franz, M.: Large-scale automated software diversity-program evolution redux. In: IEEE TDSC (2015)"},{"key":"11_CR25","unstructured":"Huang, Y., Arsenault, D., Sood, A.: Closing cluster attack windows through server redundancy and rotations. In: Workshop on Cluster Security (2006)"},{"key":"11_CR26","doi-asserted-by":"crossref","unstructured":"Hughes, J., Cybenko, G.: Quantitative metrics and risk assessment: the three tenets model of cybersecurity. In: Technology Innovation Management Review (2013)","DOI":"10.22215\/timreview\/712"},{"key":"11_CR27","doi-asserted-by":"publisher","first-page":"2562","DOI":"10.1109\/TIFS.2015.2467358","volume":"10","author":"JH Jafarian","year":"2015","unstructured":"Jafarian, J.H., Al-Shaer, E., Duan, Q.: An effective address mutation approach for disrupting reconnaissance attacks. IEEE Trans. Inf. Forensics Secur. 10, 2562\u20132577 (2015)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"11_CR28","doi-asserted-by":"crossref","unstructured":"Karapanos, N., Filios, A., Popa, R.A., Capkun, S.: Verena: end-to-end integrity protection for web applications. In: IEEE S&P (2016)","DOI":"10.1109\/SP.2016.58"},{"key":"11_CR29","doi-asserted-by":"crossref","unstructured":"Kc, G.S., Keromytis, A.D., Prevelakis, V.: Countering code-injection attacks with instruction-set randomization. In: ACM CCS (2003)","DOI":"10.1145\/948109.948146"},{"key":"11_CR30","doi-asserted-by":"crossref","unstructured":"Keromytis, A.D., Geambasu, R., Sethumadhavan, S., Stolfo, S.J., Yang, J., Benameur, A., Dacier, M., Elder, M., Kienzle, D., Stavrou, A.: The MEERKATS cloud security architecture. In: IEEE DCS (2012)","DOI":"10.1109\/ICDCSW.2012.42"},{"key":"11_CR31","doi-asserted-by":"crossref","unstructured":"Kil, C., Jun, J., Bookholt, C., Xu, J., Ning, P.: Address Space Layout Permutation (ASLP): towards fine-grained randomization of commodity software. In: IEEE ACSAC (2006)","DOI":"10.1109\/ACSAC.2006.9"},{"key":"11_CR32","unstructured":"Manadhata, P.K., Wing, J.M.: An attack surface metric. In: IEEE TSE (2010)"},{"key":"11_CR33","unstructured":"Mandiant, APT1 Report. https:\/\/goo.gl\/Cx3wz2. Accessed Mar 2017"},{"key":"11_CR34","unstructured":"Mandiant, M-Trends 2016 Report. https:\/\/goo.gl\/PmJdEZ. Accessed Apr 2017"},{"key":"11_CR35","unstructured":"Mandiant, M-Trends 2017 Report. https:\/\/goo.gl\/ISs8tX. Accessed Apr 2017"},{"key":"11_CR36","unstructured":"MediaWiki. https:\/\/www.mediawiki.org. Accessed Apr 2017"},{"key":"11_CR37","doi-asserted-by":"crossref","unstructured":"Moon, S.-J., Sekar, V., Reiter, M.K.: Nomad: mitigating arbitrary cloud side channels via provider-assisted migration. In: ACM CCS (2015)","DOI":"10.1145\/2810103.2813706"},{"key":"11_CR38","unstructured":"Narain, S., Coan, D.C., Falchuk, B., Gordon, S., Kang, J., Kirsch, J., Naidu, A., Sinkar, K., Tsang, S., Malik, S., Zhang, S., Rajabian-Schwart, V., Tirenin, W.: A science of network configuration. J. CSIAC-CSIS, 4(1), 18\u201331 (2016)"},{"key":"11_CR39","doi-asserted-by":"crossref","unstructured":"Narain, S., Malik, S., Al-Shaer, E.: Towards eliminating configuration errors in cyber infrastructure. In: IEEE SafeConfig (2011)","DOI":"10.1109\/SafeConfig.2011.6111678"},{"key":"11_CR40","doi-asserted-by":"crossref","unstructured":"Nguyen, Q., Sood, A.: Designing SCIT architecture pattern in a cloud-based environment. In: DSN-W (2011)","DOI":"10.1109\/DSNW.2011.5958797"},{"key":"11_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"405","DOI":"10.1007\/978-3-319-11379-1_20","volume-title":"Research in Attacks, Intrusions and Defenses","author":"H Okhravi","year":"2014","unstructured":"Okhravi, H., Riordan, J., Carter, K.: Quantitative evaluation of dynamic platform techniques as a defensive mechanism. In: Stavrou, A., Bos, H., Portokalidis, G. (eds.) RAID 2014. LNCS, vol. 8688, pp. 405\u2013425. Springer, Cham (2014). doi:10.1007\/978-3-319-11379-1_20"},{"key":"11_CR42","series-title":"Advances in Information Security","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1007\/978-1-4614-0977-9_3","volume-title":"Moving Target Defense","author":"G Portokalidis","year":"2011","unstructured":"Portokalidis, G., Keromytis, A.D.: Global ISR: toward a comprehensive defense against unauthorized code execution. In: Jajodia, S., Ghosh, A., Swarup, V., Wang, C., Wang, X. (eds.) Moving Target Defense. Advances in Information Security, vol. 54, pp. 49\u201376. Springer, New York (2011). doi:10.1007\/978-1-4614-0977-9_3"},{"key":"11_CR43","unstructured":"Puppet. https:\/\/puppet.com\/, https:\/\/goo.gl\/r1WcKm. Accessed Apr 2017"},{"key":"11_CR44","unstructured":"Puppet Blog. https:\/\/goo.gl\/TSRTS0, https:\/\/goo.gl\/9Z1YhK. Accessed Apr 2017"},{"key":"11_CR45","unstructured":"Puppet Hiera. http:\/\/docs.puppetlabs.com\/hiera\/1\/. Accessed Apr 2017"},{"key":"11_CR46","unstructured":"Puppet, os_hardening. https:\/\/goo.gl\/vjkCgZ. Accessed Apr 2017"},{"key":"11_CR47","unstructured":"Unruh, I., Bardas, A.G., Zhuang, R., Ou, X., DeLoach, S.A.: Compiling abstract specifications into concrete systems - bringing order to the cloud. In: USENIX LISA (2014)"},{"key":"11_CR48","unstructured":"US Patent US6917930. https:\/\/goo.gl\/KYMT9a. Accessed Apr 2017"},{"key":"11_CR49","unstructured":"Verizon, 2016 DBIR. http:\/\/goo.gl\/E0OSr7. Accessed Apr 2017"},{"key":"11_CR50","doi-asserted-by":"crossref","unstructured":"Vikram, S., Yang, C., Gu, G.: NOMAD: towards non-intrusive MTD against web bots. In: IEEE CNS (2013)","DOI":"10.1109\/CNS.2013.6682692"},{"key":"11_CR51","unstructured":"Wikibench. http:\/\/www.wikibench.eu\/. Accessed Apr 2017"},{"key":"11_CR52","unstructured":"Wikipedia DB dumps. https:\/\/goo.gl\/8jfhkk. Accessed Apr 2017"},{"key":"11_CR53","doi-asserted-by":"crossref","unstructured":"Williams, D., Hu, W., Davidson, J.W., Hiser, J.D., Knight, J.C., Nguyen-Tuong, A.: Security through diversity: leveraging virtual machine technology. In: IEEE S&P, July 2009","DOI":"10.1109\/MSP.2009.18"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2017"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-66402-6_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,8,15]],"date-time":"2022-08-15T00:04:49Z","timestamp":1660521889000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-66402-6_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319664019","9783319664026"],"references-count":53,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-66402-6_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"12 August 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Oslo","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Norway","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 September 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 September 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/deic.uab.cat\/conferences\/dpm\/dpm2017\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}