EconPapers    
Economics at your fingertips  
 

Moving target defence: Economics and asymmetry

Don Maclean
Additional contact information
Don Maclean: DLT – A Tech Data Company`, USA

Cyber Security: A Peer-Reviewed Journal, 2020, vol. 3, issue 4, 294-307

Abstract: In cyberspace, warfare is asymmetric. It takes only a small army of well-trained hackers to inflict major damage on a much larger adversary. Ironically, the inequity stems from standardisation. When bad actors find a vulnerability in a popular application or operating system, they can exploit it on millions of systems, yielding exponential reward for linear effort. The hacker’s advantage, then, is economic rather than technical. Unless and until we reverse this dynamic, the adversary will have the advantage. Moving target defence (MTD), also called polymorphic defence, has the potential to diminish the enemy’s asymmetric advantage. This paper surveys the major MTD technologies currently on the market and under development, with special attention to dynamic runtime environments. In particular, it explores how each technology might reverse, or at least mitigate, the economic leverage the enemy now exerts when discovering and exploiting vulnerabilities.

Keywords: moving target defence (MTD); polymorphic; address space layout randomisation (ASLR); instruction set randomisation (ISR); attack surface; honeypot; honeynet; diversity (search for similar items in EconPapers)
JEL-codes: M15 (search for similar items in EconPapers)
Date: 2020
References: Add references at CitEc
Citations:

Downloads: (external link)
https://hstalks.com/article/5809/download/ (application/pdf)
https://hstalks.com/article/5809/ (text/html)
Requires a paid subscription for full access.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2020:v:3:i:4:p:294-307

Access Statistics for this article

More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications
Bibliographic data for series maintained by Henry Stewart Talks ().

 
Page updated 2025-03-19
Handle: RePEc:aza:csj000:y:2020:v:3:i:4:p:294-307