Design and Implementation of a Selection Framework for Moving Target Defense

State: completed by Nicolas Huber

Moving-Target-Defense (MTD) is a paradigm within cybersecurity to proactively and dynamically deter attackers which rely on the static nature of the attack target [1]. Such approaches, which involve the constant movement of parameters defined on the attack surface, have been successfully applied in constrained contexts such as IoT devices [2].


In the context of ElectroSense, a crowdsensing initiative aiming to collect and analyze spectrum data [3], the security of IoT devices is critical. Thus, a set of scripts that enact MTD-based countermeasures were developed at the UZH. This thesis demands to research, design, implement and evaluate a selection framework for such MTD-based approaches. Since this thesis is carried out targeting the context of the ElectroSense project, such a selection framework must apply to malware affecting resource-constrained devices. As such, the deliverable of this thesis should interface with previously developed solutions such as (i) the aforementioned mitigation scripts and (ii) an attack detection and classification component which can provide the necessary input to the selection framework.


[1] R. E. Navas, F. Cuppens, N. Boulahia Cuppens, L. Toutain and G. Z. Papadopoulos, "MTD, Where Art Thou? A Systematic Review of Moving Target Defense Techniques for IoT," in IEEE Internet of Things Journal, vol. 8, no. 10, pp. 7818-7832, 15 May15, 2021

[2] A., Abdulrahman & Gampa, Srikanth & Singh, Gurtaj. "Privacy-Preserving IoT Devices". 1-5, 2019

[3] ElectroSense: "Collaborative Spectrum Monitoring", https://electrosense.org/#!/, Last Visit February 2, 2022

30% Research, 30% Design, 30% Implementation, 10% Documentation
Basic Familiarity or Interest in Cybersecurity

Supervisors: Jan von der Assen

back to the main page