{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,18]],"date-time":"2025-12-18T14:27:05Z","timestamp":1766068025213,"version":"build-2065373602"},"reference-count":47,"publisher":"MDPI AG","issue":"13","license":[{"start":{"date-parts":[[2024,7,5]],"date-time":"2024-07-05T00:00:00Z","timestamp":1720137600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Agency for Defense Development Institute","award":["9150921"],"award-info":[{"award-number":["9150921"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>With the advancement in information and communication technology, modern society has relied on various computing systems in areas closely related to human life. However, cyberattacks are also becoming more diverse and intelligent, with personal information and human lives being threatened. The moving target defense (MTD) strategy was designed to protect mission-critical systems from cyberattacks. The MTD strategy shifted the paradigm from passive to active system defense. However, there is a lack of indicators that can be used as a reference when deriving general system components, making it difficult to configure a systematic MTD strategy. Additionally, even when selecting system components, a method to confirm whether the systematic components are selected to respond to actual cyberattacks is needed. Therefore, in this study, we surveyed and analyzed existing cyberattack information and MTD strategy research results to configure a component dataset. Next, we found the correlation between the cyberattack information and MTD strategy component datasets and used this to design and implement the MTD-Diorama data visualization engine to configure a systematic MTD strategy. Through this, researchers can conveniently identify the attack surface contained in cyberattack information and the MTD strategies that can respond to each attack surface. Furthermore, it will allow researchers to configure more systematic MTD strategies that can be used universally without being limited to specific computing systems.<\/jats:p>","DOI":"10.3390\/s24134369","type":"journal-article","created":{"date-parts":[[2024,7,5]],"date-time":"2024-07-05T12:30:59Z","timestamp":1720182659000},"page":"4369","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["MTD-Diorama: Moving Target Defense Visualization Engine for Systematic Cybersecurity Strategy Orchestration"],"prefix":"10.3390","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-5919-4157","authenticated-orcid":false,"given":"Se-Han","family":"Lee","sequence":"first","affiliation":[{"name":"SysCore Lab., Convergence Engineering for Intelligent Drone, Sejong University, Seoul 05006, Republic of Korea"},{"name":"Department of Computer and Information Security, Sejong University, Seoul 05006, Republic of Korea"}]},{"given":"Kyungshin","family":"Kim","sequence":"additional","affiliation":[{"name":"Agency of Defense Development (ADD), Daejeon 34186, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1494-9503","authenticated-orcid":false,"given":"Youngsoo","family":"Kim","sequence":"additional","affiliation":[{"name":"Electronics and Telecommunications Research Institute (ETRI), Daejeon 34129, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3377-223X","authenticated-orcid":false,"given":"Ki-Woong","family":"Park","sequence":"additional","affiliation":[{"name":"Department of Computer and Information Security, Sejong University, Seoul 05006, Republic of Korea"}]}],"member":"1968","published-online":{"date-parts":[[2024,7,5]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1016\/j.eswa.2019.05.014","article-title":"The Internet of Things: Review and theoretical framework","volume":"133","author":"Nord","year":"2019","journal-title":"Expert Syst. Appl."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"283","DOI":"10.1016\/j.comnet.2018.11.025","article-title":"Current research on Internet of Things (IoT) security: A survey","volume":"148","author":"Noor","year":"2019","journal-title":"Comput. Netw."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Koutras, D., Stergiopoulos, G., Dasaklis, T., Kotzanikolaou, P., Glynos, D., and Douligeris, C. (2020). Security in IoMT Communications: A Survey. Sensors, 20.","DOI":"10.3390\/s20174828"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"2702","DOI":"10.1109\/COMST.2019.2910750","article-title":"Demystifying IoT Security: An Exhaustive Survey on IoT Vulnerabilities and a First Empirical Look on Internet-Scale IoT Exploitations","volume":"21","author":"Neshenko","year":"2019","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"82721","DOI":"10.1109\/ACCESS.2019.2924045","article-title":"A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures","volume":"7","author":"Hassija","year":"2019","journal-title":"IEEE Access"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"1069","DOI":"10.9728\/dcs.2019.20.5.1069","article-title":"Hacking Attacks and Countermeasures using Vulnerabilities of Lightweight IP Camera in Internet of Things","volume":"20","author":"Cho","year":"2019","journal-title":"J. Digit. Contents Soc."},{"key":"ref_7","first-page":"73","article-title":"A Survey Analysis of Internet of Things Security Issues and Combined Service","volume":"25","author":"Kim","year":"2020","journal-title":"J. Korea Soc. Comput. Inf."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Sadhu, P.K., Yanambaka, V.P., and Abdelgawad, A. (2022). Internet of Things: Security and Solutions Survey. Sensors, 22.","DOI":"10.3390\/s22197433"},{"key":"ref_9","unstructured":"Antonakakis, M., April, T., Bailey, M., Bernhard, M., Bursztein, E., Cochran, J., Durumeric, Z., Halderman, J.A., Invernizzi, L., and Kallitsis, M. (2017, January 16\u201318). Understanding the Mirai Botnet. Proceedings of the 26th USENIX Security Symposium, Vancouver, BC, Canada."},{"key":"ref_10","first-page":"37","article-title":"Countermeasure to Underlying Security Threats in IoT communication","volume":"6","author":"Mun","year":"2016","journal-title":"J. Converg. Inf. Technol."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1016\/j.iot.2018.11.003","article-title":"Securing the Internet of Things: Challenges, threats and solutions","volume":"5","author":"Grammatikis","year":"2019","journal-title":"Internet Things"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"709","DOI":"10.1109\/COMST.2019.2963791","article-title":"Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense","volume":"22","author":"Cho","year":"2020","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_13","first-page":"147","article-title":"A Method for Derivation of Software-Defined MTD Research Direction for secure IoT Device through Analysis of MTD Strategy Research Result","volume":"5","author":"Lee","year":"2022","journal-title":"JDCA"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"101867","DOI":"10.1016\/j.cose.2020.101867","article-title":"TIMiner: Automatically extracting and analyzing categorized cyber threat intelligence from social data","volume":"95","author":"Zhao","year":"2020","journal-title":"Comput. Secur."},{"key":"ref_15","unstructured":"Lee, S., Alawami, M.A., and Park, K. (2023, January 20\u201323). Data Visualization Engine for systematic MTD Strategy Configuration linked to Cyber Attack Information. Proceedings of the 9th International Conference on Next Generation Computing (ICNGC 2023), Da Nang, Vietnam."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"163","DOI":"10.1109\/TDSC.2015.2443790","article-title":"Assessing the Effectiveness of Moving Target Defenses Using Security Models","volume":"13","author":"Hong","year":"2016","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1007\/s11390-019-1906-z","article-title":"A Survey on the Moving Target Defense Strategies: An Architectural Perspective","volume":"34","author":"Zheng","year":"2019","journal-title":"J. Comput. Sci. Technol."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Burow, N., Burrow, R., Khazan, R., Shrobe, H., and Ward, B.C. (2020, January 9\u201313). Moving Target Defense Considerations in Real-Time Safety- and Mission-Critical Systems. Proceedings of the 7th ACM Workshop on Moving Target Defense (MTD\u201920), Online.","DOI":"10.1145\/3411496.3421224"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"7818","DOI":"10.1109\/JIOT.2020.3040358","article-title":"MTD, Where Art Thou? A Systematic Review of Moving Target Defense Techniques for IoT","volume":"8","author":"Navas","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Zhuang, R., DeLoach, S.A., and Ou, X. (2014, January 3\u20137). Towards a Theory of Moving Target Defense. Proceedings of the First ACM Workshop on Moving Target Defense (MTD`14), Scottsdale, AZ, USA.","DOI":"10.1145\/2663474.2663479"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Xu, J., Guo, P., Zhao, M., Erbacher, R.F., Zhu, M., and Liu, P. (2014, January 3\u20137). Comparing Different Moving Target Defense Techniques. Proceedings of the First ACM Workshop on Moving Target Defense (MTD\u201914), Scottsdale, AZ, USA.","DOI":"10.1145\/2663474.2663486"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"1122","DOI":"10.1631\/FITEE.1601321","article-title":"Moving target defense: State of the art and characteristics","volume":"17","author":"Cai","year":"2016","journal-title":"Front. Inf. Technol. Electron. Eng."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Cho, H. (2017). Analysis of Cyber Threat Level Based on Indicator of Compromise. [Master\u2019s Thesis, Sungkyunkwan University].","DOI":"10.1109\/PlatCon.2018.8472733"},{"key":"ref_24","unstructured":"Kim, S. (2015). A Method to Indicator Compromise Utilization for the Effective Infringement Accident Analysis. [Master\u2019s Thesis, Konkuk University]."},{"key":"ref_25","unstructured":"(2024, May 01). OpenIOC 1.1. Available online: https:\/\/github.com\/fireeye\/OpenIOC_1.1."},{"key":"ref_26","unstructured":"(2024, May 01). Utilization of IOC, IOAF and SigBase. Available online: http:\/\/forensicinsight.org\/wp-content\/uploads\/2013\/05\/F-INSIGHT-Utilization-of-IOC-IOAF-and-SigBase.pdf."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Shah, Y., and Sengupta, S. (2020, January 28\u201331). A survey on Classification of Cyber-attacks on IoT and IIoT devices. Proceedings of the 2020 11th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), New York, NY, USA.","DOI":"10.1109\/UEMCON51285.2020.9298138"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Wang, Y., Wang, Y., Liu, J., Huang, Z., and Xie, P. (2016, January 13\u201316). A Survey of Game Theoretic Methods for Cyber Security. Proceedings of the 2016 IEEE First International Conference on Data Science in Cyberspace (DSC), Changsha, China.","DOI":"10.1109\/DSC.2016.90"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Zhang, L., Wang, Z., Zhang, H., Min, M., Wang, C., Niyato, D., and Han, Z. (2024). Anti-Jamming Colonel Blotto Game for Underwater Acoustic Backscatter Communication. IEEE Trans. Veh. Technol., early access.","DOI":"10.36227\/techrxiv.170629387.77478867\/v1"},{"key":"ref_30","first-page":"8819545","article-title":"Intrusion Detection into Cloud-Fog-Based IoT Networks Using Game Theory","volume":"1","author":"Pirozmand","year":"2020","journal-title":"Wirel. Commun. Mob. Comput."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"11250","DOI":"10.1109\/JIOT.2020.2996671","article-title":"A Game-Theoretic Approach for Enhancing Security and Data Trustworthiness in IoT Applications","volume":"7","author":"Abdalzaher","year":"2020","journal-title":"IEEE Internet Things J."},{"key":"ref_32","unstructured":"Moon, S.Y. (2018, January 20\u201322). A Study on the Moving Target Defense Model for Advanced Persistent Threat Security. Proceedings of the 2018 Korean Institute of Communications and Information Sciences (KICS) Summer Conference, Jeju, Republic of Korea."},{"key":"ref_33","first-page":"477","article-title":"MTD (Moving Target Detection) with Preposition Hash Table for Security of Drone Network","volume":"23","author":"Leem","year":"2019","journal-title":"J. Korea Inst. Inf. Commun. Eng."},{"key":"ref_34","first-page":"25","article-title":"Attack Surface Expansion through Decoy Trap for Protected Servers in Moving Target Defense","volume":"24","author":"Park","year":"2019","journal-title":"J. Korea Soc. Comput. Inform."},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Hong, J.B., Yoon, S., Lim, H., and Kim, D.S. (2017, January 26\u201329). Optimal Network Reconfiguration for Software Defined Networks Using Shuffle-Based Online MTD. Proceedings of the IEEE 36th Symposium on Reliable Distributed Systems (SRDS), Hong Kong, China.","DOI":"10.1109\/SRDS.2017.32"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Narantuya, J., Yoon, S., Lim, H., Cho, J., Kim, D.S., Moore, T., and Nelson, F. (2019, January 24\u201327). SDN-Based IP Shuffling Moving Target Defense with Multiple SDN Controllers. Proceedings of the 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks\u2013Supplemental Volume (DSN-S), Portland, OR, USA.","DOI":"10.1109\/DSN-S.2019.00013"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"15521","DOI":"10.1109\/ACCESS.2019.2892961","article-title":"CAN ID Shuffling Technique (CIST): Moving Target Defense Strategy for Protecting In-Vehicle CAN","volume":"7","author":"Woo","year":"2019","journal-title":"IEEE Access"},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Brown, R., Marti, A., Jenkins, C., and Shannigrahi, S. (2020, January 9\u201313). Dynamic Address Validation Array (DAVA): A Moving Target Defense Protocol for CAN bus. Proceedings of the 7th ACM Workshop on Moving Target Defense (MTD`20), Online.","DOI":"10.1145\/3411496.3421221"},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Park, J., Lee, Y., Kang, K., Lee, S., and Park, K. (2020). Ghost-MTD: Moving Target Defense via Protocol Mutation for Mission-Critical Cloud Systems. Energies, 13.","DOI":"10.3390\/en13081883"},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"1653","DOI":"10.1109\/TNSM.2020.2987085","article-title":"Attack Graph-Based Moving Target Defense in Software-Defined Networks","volume":"17","author":"Yoon","year":"2020","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"key":"ref_41","unstructured":"Groza, B., Popa, L., Murvay, P., Elovici, Y., and Shabtai, A. (2021, January 11\u201313). CANARY\u2014A reactive defense mechanism for Controller Area Networks based on Active RelaYs. Proceedings of the 30th USENIX Security Symposium, Online."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"70850","DOI":"10.1109\/ACCESS.2022.3188311","article-title":"Toward Software-Defined Networking-Based IoT Frameworks: A Systematic Literature Review, Taxonomy, Open Challenges and Prospects","volume":"10","author":"Siddiqui","year":"2022","journal-title":"IEEE Access"},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"1419","DOI":"10.1109\/TNET.2020.2983976","article-title":"Detection and Mitigation of DoS Attacks in Software Defined Networks","volume":"28","author":"Gao","year":"2020","journal-title":"IEEE\/ACM Trans. Netw."},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Shang, G., Zhe, P., Bin, X., Aiqun, H., and Kui, R. (2017, January 1\u20134). FloodDefender: Protecting data and control plane resources under SDN-aimed DoS attacks. Proceedings of the IEEE INFOCOM 2017\u2014IEEE Conference on Computer Communications, Atlanta, GA, USA.","DOI":"10.1109\/INFOCOM.2017.8057009"},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"11935","DOI":"10.1109\/TVT.2023.3270859","article-title":"Digital Twin-Assisted Edge Computation Offloading in Industrial Internet of Things with NOMA","volume":"72","author":"Zhang","year":"2023","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Jain, S., Pappachan, P., Guajardo, J., Trieflinger, S., Raghupatruni, I., and Huber, T. (2023, January 5\u20137). CMP-SiL: Confidential Multi Party Software-in-the-Loop Simulation Frameworks. Proceedings of the 2023 24th International Symposium on Quality Electronic Design (ISQED), San Francisco, CA, USA.","DOI":"10.1109\/ISQED57927.2023.10129404"},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Ravikumar, G., Hyder, B., and Govindarasu, M. (2020, January 6\u20137). Hardware-in-the-Loop CPS Security Architecture for DER Monitoring and Control Applications. Proceedings of the 2020 IEEE Texas Power and Energy Conference (TPEC), College Station, TX, USA.","DOI":"10.1109\/TPEC48276.2020.9042578"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/24\/13\/4369\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T15:10:40Z","timestamp":1760109040000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/24\/13\/4369"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7,5]]},"references-count":47,"journal-issue":{"issue":"13","published-online":{"date-parts":[[2024,7]]}},"alternative-id":["s24134369"],"URL":"https:\/\/doi.org\/10.3390\/s24134369","relation":{},"ISSN":["1424-8220"],"issn-type":[{"type":"electronic","value":"1424-8220"}],"subject":[],"published":{"date-parts":[[2024,7,5]]}}}