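Author: 陳彥宇 (Chen, Yen-Yu)
Thesis title: Cyber Attack Defense by Address-Changing Frequency in Industrial Control Systems (利用工業控制系統位址替換頻率防禦資安攻擊之研究)
Advisor: 李忠憲 (Li, Jung-Shian)
Degree: Master
Department: College of Electrical Engineering and Computer Science - Institute of Computer & Communication Engineering
Year of publication: 2022
Academic year of graduation: 110
Language: Chinese
Number of pages: 68
Keywords (translated from Chinese): industrial control system, network security, moving target defense, stochastic process, intrusion detection system
Keywords (English): industrial control system, secure communication, stochastic process, moving target defense, intrusion detection system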
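  • Moving Target Defense (MTD) research has already been shown to defend against many kinds of malicious behavior in industrial control network environments. However, most related studies focus on how to change IP addresses efficiently and on the method of IP replacement; few study the IP address-changing frequency, with the result that users cannot obtain an appropriate address-changing frequency. In view of this, this study first examines the relationship among IP address-changing frequency, server performance, and security. Previous research results show that a higher IP address-changing frequency brings higher security overall, but sacrifices server performance and system resource utilization. To address how to optimize the IP address-changing frequency and strike a balance between security and change time, this study then introduces a stochastic process, uses a Markov chain to calculate the relationship between the IP address-changing frequency and the overall security score, verifies it by experiment, and applies it, combined with an intrusion detection system, to an industrial control system that uses moving target defense.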

    Most research related to Moving Target Defense focuses on the method of IP address replacement and how to change the IP address efficiently. Studies of the address-changing frequency are scarce, and it is hard for users to obtain an appropriate frequency for their system. According to previous research, the higher the address-changing frequency, the higher the system security. However, the utilization of system resources and the performance of the server are sacrificed. In our paper, we propose a security-quantification result for Moving Target Defense systems. We use experiments to verify its correctness and show how to achieve a balance between security and system resources by means of a stochastic process. Our research enables more powerful applications of Moving Target Defense systems. In addition, we demonstrate an MTD system with more friendly resource utilization, combined with an intrusion detection system.

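    Abstract (Chinese) I
    Extended Abstract II
    Acknowledgements IX
    Table of Contents XI
    List of Tables XIII
    List of Figures XIV
    Chapter 1. Introduction 1
    1.1 Research Background 1
    1.2 Research Motivation 2
    1.3 Research Contributions 3
    1.4 Thesis Organization 3
    Chapter 2. Related Work 4
    2.1 Industrial Control System Background and Attack Cases 4
    2.1.1 Introduction to Industrial Control Systems 4
    2.1.2 Protocols in Industrial Control Systems 6
    2.1.3 Industrial Control System Attack Cases 10
    2.2 Introduction to Moving Target Defense Research 12
    2.2.1 Moving Target Defense 13
    2.2.2 Related Research on Moving Target Defense 15
    2.2.3 Moving Target Defense Address Management 17
    2.3 The Network Mapper Nmap 19
    2.3.1 Nmap Workflow 19
    2.3.2 Nmap Port Scan States 20
    2.3.3 Nmap on IPv6 22
    2.3.4 Common Nmap Parameters 23
    Chapter 3. Security Score Quantification 25
    3.1 System Scenario and Address-Changing Frequency 25
    3.1.1 System Scenario 25
    3.1.2 Address-Changing Frequency 26
    3.1.3 Attacker Scenario 28
    3.2 Mathematical Model and Parameters 29
    3.2.1 Continuous-Time Markov Chain 29
    3.2.2 Poisson Process 30
    3.2.3 Birth-Death Process 31
    3.2.4 Markov Chain Mathematical Model 33
    3.2.5 Parameters 35
    3.3 Computational Model 35
    3.3.1 Calculating λ 36
    3.3.2 Calculating μ 41
    3.3.3 Markov Chain Calculation 44
    Chapter 4. Experimental Design and Results 47
    4.1 Experimental Scenario 47
    4.2 Experimental Results 49
    Chapter 5. Research Applications 52
    5.1 Moving Target Defense Settings 52
    5.1.1 Parameter Analysis of System Time 52
    5.1.2 System Scalability 53
    5.2 Dynamic Address-Changing Period Strategy for Moving Target Defense Systems 55
    5.2.1 Intrusion Detection System Architecture Design 55
    5.2.2 Dynamic Address-Changing Period Strategy 56
    5.2.3 Application Implementation 58
    Chapter 6. Conclusion and Future Work 65
    6.1 Conclusion 65
    6.2 Future Work 66
    References 67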


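    On campus: available from 2027-02-09
    Off campus: available from 2027-02-09
    The electronic thesis has not yet been authorized for public release; for the print copy, please consult the library catalog.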