Adaptive risk analysis framework for network-Level moving target defense under adversarial intelligence uncertainty
Citations: Web of Science 0; Scopus 0

Abstract

Effective cyber defense requires adaptive strategies when adversarial capabilities are uncertain. Moving Target Defense (MTD) reduces attack predictability by dynamically reconfiguring network parameters, yet existing evaluation frameworks assume complete knowledge of attacker behavior, an unrealistic assumption in operational settings. We introduce an Adversarial Risk Analysis-enhanced MTD (ARA-MTD) framework that explicitly models uncertainty across diverse adversary paradigms. Our approach integrates epidemic-based network dynamics, Bayesian belief updating, and risk-averse optimization to evaluate robust defense policies under incomplete information. We formalize three canonical adversary types (static, learning, and strategic) and derive quantitative metrics for MTD power degradation, cross-paradigm robustness, and uncertainty entropy. Evaluation across multiple network topologies demonstrates that MTD effectiveness degrades by up to 73% as adversarial sophistication increases, but ARA-based optimization recovers 27% of lost robustness while maintaining tail-risk below 5%. Comparative analysis against six state-of-the-art MTD strategies shows ARA-MTD achieves 82% effectiveness versus 58–74% for baselines, with 30–95% higher robustness (R(M)=0.82) and superior cost-efficiency (ρ=0.47). Scalability evaluation across 100–10,000 node networks demonstrates sub-second decision times (680 ms for 5000 nodes). The framework accommodates multi-stage Advanced Persistent Threats through continuous belief updating, providing practitioners with empirically validated strategies effective across plausible adversarial behaviors.

Keywords

Moving target defense; Adversarial risk analysis; Network security; Uncertainty quantification
Title
Adaptive risk analysis framework for network-Level moving target defense under adversarial intelligence uncertainty
Authors
Sa'ad, Umar; Na, Woongsoo; Dao, Nhu-Ngoc; Cho, Sungrae
DOI
10.1016/j.cose.2026.104890
Publication date
2026-07
Type
Article
Journal
Computers and Security
166