{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T07:31:04Z","timestamp":1767339064268,"version":"3.37.3"},"reference-count":35,"publisher":"Wiley","license":[{"start":{"date-parts":[[2020,10,20]],"date-time":"2020-10-20T00:00:00Z","timestamp":1603152000000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Key Research and Development Program of China","award":["2018YFE0126000","U1636209","61902292","2019ZDLGY13-04","2019ZDLGY13-07","XJS201502"],"award-info":[{"award-number":["2018YFE0126000","U1636209","61902292","2019ZDLGY13-04","2019ZDLGY13-07","XJS201502"]}]},{"name":"Key Program of NSFC-Tongyong Union Foundation","award":["2018YFE0126000","U1636209","61902292","2019ZDLGY13-04","2019ZDLGY13-07","XJS201502"],"award-info":[{"award-number":["2018YFE0126000","U1636209","61902292","2019ZDLGY13-04","2019ZDLGY13-07","XJS201502"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2018YFE0126000","U1636209","61902292","2019ZDLGY13-04","2019ZDLGY13-07","XJS201502"],"award-info":[{"award-number":["2018YFE0126000","U1636209","61902292","2019ZDLGY13-04","2019ZDLGY13-07","XJS201502"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Key Research and Development Programs of Shaanxi","award":["2018YFE0126000","U1636209","61902292","2019ZDLGY13-04","2019ZDLGY13-07","XJS201502"],"award-info":[{"award-number":["2018YFE0126000","U1636209","61902292","2019ZDLGY13-04","2019ZDLGY13-07","XJS201502"]}]},{"DOI":"10.13039\/501100012226","name":"Fundamental Research Funds for the Central Universities","doi-asserted-by":"publisher","award":["2018YFE0126000","U1636209","61902292","2019ZDLGY13-04","2019ZDLGY13-07","XJS201502"],"award-info":[{"award-number":["2018YFE0126000","U1636209","61902292","2019ZDLGY13-04","2019ZDLGY13-07","XJS201502"]}],"id":[{"id":"10.13039\/501100012226","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2020,10,20]]},"abstract":"<jats:p>As the prerequisite for the attacker to invade the target network, Persistent Scan and Foothold Attack (PSFA) is becoming progressively more subtle and complex. Even worse, the static and predictable characteristics of traditional systems provide an asymmetric advantage for attackers in launching the PSFA. To reverse this asymmetric advantage and resist the PSFA, two new defense ideas, called moving target defense (MTD) and deception-based cyber defense (DCD), have been suggested to provide the proactive selectable measures to complement traditional defense. However, MTD is unable to defeat the sophisticated attacker with fingerprint tracking ability. Meanwhile, DCD is easy to be marked by the attacker, which will result in a great waste of defense resources and poor defense effectiveness. To address this shortcoming, we propose the hybrid cyber defense mechanism that combines the address mutation (belonging to MTD) and fingerprint camouflage (belonging to DCD) strategies. More specifically, we first introduce and formalize the attacker model of PSFA based on the cyber kill chain. Afterwards, the traffic direction technology is designed to realize the coordination between the strategy of address mutation and the strategy of fingerprint camouflage. Furthermore, we construct the fine-grained quantitative modeling of the attacker\u2019s behaviors through an in-depth observation of actual network confrontation. Based on this, a dynamic defense strategy generation algorithm is presented to maximize the effectiveness of our hybrid mechanism. Finally, the experimental results show that our hybrid mechanism can greatly improve the time required for a successful attack and achieve a better defense effect than the single strategy.<\/jats:p>","DOI":"10.1155\/2020\/8882200","type":"journal-article","created":{"date-parts":[[2020,10,21]],"date-time":"2020-10-21T19:20:08Z","timestamp":1603308008000},"page":"1-15","source":"Crossref","is-referenced-by-count":3,"title":["A Hybrid Cyber Defense Mechanism to Mitigate the Persistent Scan and Foothold Attack"],"prefix":"10.1155","volume":"2020","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0522-7867","authenticated-orcid":true,"given":"Shuo","family":"Wang","sequence":"first","affiliation":[{"name":"Information Science and Technology Institute, Zhengzhou 450001, China"},{"name":"State Key Laboratory of Integrated Services Network, Xidian University, Xi\u2019an 710071, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7614-1422","authenticated-orcid":true,"given":"Qingqi","family":"Pei","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Integrated Services Network, Xidian University, Xi\u2019an 710071, China"},{"name":"Shaanxi Key Laboratory of Blockchain and Secure Computing, Xidian University, Xi\u2019an 710071, China"}]},{"given":"Yuchen","family":"Zhang","sequence":"additional","affiliation":[{"name":"Information Science and Technology Institute, Zhengzhou 450001, China"}]},{"given":"Xiaohu","family":"Liu","sequence":"additional","affiliation":[{"name":"Information Science and Technology Institute, Zhengzhou 450001, China"}]},{"given":"Guangming","family":"Tang","sequence":"additional","affiliation":[{"name":"Information Science and Technology Institute, Zhengzhou 450001, China"}]}],"member":"311","reference":[{"key":"1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2020.03.007"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1109\/comst.2019.2891891"},{"article-title":"Cyber kill chain (ckc)","year":"2017","author":"L. Martin","key":"3"},{"key":"4","doi-asserted-by":"publisher","DOI":"10.1109\/msp.2018.1870866"},{"first-page":"162","article-title":"Investigating the application of moving target defenses to network security","author":"R. Zhuang","key":"5"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/3759626"},{"key":"7","article-title":"A survey of moving target defenses for network security","volume":"22","author":"S. Zhang","year":"2020","journal-title":"IEEE Communications Surveys & Tutorials"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.1109\/mc.2015.104"},{"volume-title":"Cyber Deception: Building the Scientific Foundation","year":"2016","author":"S. Thomas","key":"9"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1145\/3214305"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2019.06.004"},{"first-page":"127","article-title":"OpenFlow random host mutation: transparent moving target defense using software defined networking","author":"J. H. Jafarian","key":"12"},{"first-page":"738","article-title":"Adversary-aware IP address randomization for proactive agility against sophisticated attackers","author":"J. H. Jafarian","key":"13"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1109\/tifs.2015.2467358"},{"first-page":"13","article-title":"Specification-driven moving target defense synthesis","author":"M. M. Islam","key":"15"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1109\/tnsm.2018.2889842"},{"first-page":"1","article-title":"MOTAG: moving target defense against internet denial of service attacks","author":"Q. Jia","key":"17"},{"first-page":"234","article-title":"Optimal network reconfiguration for software defined networks using shuffle-based online MTD","author":"J. B. Hong","key":"18"},{"first-page":"21","article-title":"Analysis of concurrent moving target defenses","author":"W. Connell","key":"19"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1109\/tifs.2017.2710945"},{"first-page":"502","article-title":"Honeypot allocation over attack graphs in cyber deception games","author":"A. H. Anwar","key":"21"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1109\/access.2020.2974786"},{"first-page":"1","article-title":"DESIR: decoy-enhanced seamless IP randomization","author":"J. Tang","key":"23"},{"first-page":"21","article-title":"Probabilistic performance analysis of moving target and deception reconnaissance defenses","author":"M. Crouse","key":"24"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2015.2443790"},{"key":"26","doi-asserted-by":"publisher","DOI":"10.1145\/3337772"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1155\/2017\/1560594"},{"first-page":"1","article-title":"A signal game model for moving target defense","author":"X. T. Feng","key":"28"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1145\/3137571"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1109\/jiot.2019.2943151"},{"key":"31","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2017.12.001"},{"first-page":"1","article-title":"Markov game modeling of moving target defense for strategic detection of threats in cloud networks","author":"A. Liu","key":"32"},{"first-page":"577","article-title":"Adaptive MTD security using Markov game modeling","author":"A. Chowdhary","key":"33"},{"first-page":"1","article-title":"A novel permutational sampling technique for cooperative network scanning","author":"J. H. Jafarian","key":"34"},{"key":"35","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1007\/978-3-030-02110-8_6","article-title":"CONCEAL: a strategy composition for resilient cyber deception: framework, metrics, and deployment","volume-title":"Autonomous Cyber Deception","author":"Q. Duan","year":"2019"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2020\/8882200.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2020\/8882200.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2020\/8882200.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,10,21]],"date-time":"2020-10-21T19:20:13Z","timestamp":1603308013000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2020\/8882200\/"}},"subtitle":[],"editor":[{"given":"Bela","family":"Genge","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2020,10,20]]},"references-count":35,"alternative-id":["8882200","8882200"],"URL":"https:\/\/doi.org\/10.1155\/2020\/8882200","relation":{},"ISSN":["1939-0122","1939-0114"],"issn-type":[{"type":"electronic","value":"1939-0122"},{"type":"print","value":"1939-0114"}],"subject":[],"published":{"date-parts":[[2020,10,20]]}}}