Moving target defense for in-vehicle software-defined networking: IP shuffling in network slicing with multiagent deep reinforcement learning

Seunghyun Yoon; Jin-Hee Cho; Dong Seong Kim; Terrence J. Moore; Frederica F. Nelson; Hyuk Lim; Nandi Leslie; Charles Kamhoua

doi:10.1117/12.2557850

21 April 2020 Moving target defense for in-vehicle software-defined networking: IP shuffling in network slicing with multiagent deep reinforcement learning

Seunghyun Yoon, Jin-Hee Cho, Dong Seong Kim, Terrence J. Moore, Frederica F. Nelson, Hyuk Lim, Nandi Leslie, Charles Kamhoua

Author Affiliations +

Proceedings Volume 11413, Artificial Intelligence and Machine Learning for Multi-Domain Operations Applications II; 114131U (2020) https://doi.org/10.1117/12.2557850
Event: SPIE Defense + Commercial Sensing, 2020, Online Only

Abstract

Moving target defense (MTD) is an emerging defense principle that aims to dynamically change attack surface to confuse attackers. By dynamic reconfiguration, MTD intends to invalidate the attacker's intelligence or information collection during reconnaissance, resulting in wasted resources and high attack cost/complexity for the attacker. One of the key merits of MTD is its capability to offer 'affordable defense,' by working with legacy defense mechanisms, such as intrusion detection systems (IDS) or other cryptographic mechanisms. On the other hand, a well-known drawback of MTD is the additional overhead, such as reconfiguration cost and/or potential interruptions of service availability to normal users. In this work, we aim to develop a highly secure, resilient, and affordable MTD-based proactive defense mechanism, which achieves multiple objectives of minimizing system security vulnerabilities and defense cost while maximizing service availability. To this end, we propose a multi-agent Deep Reinforcement Learning (mDRL)-based network slicing technique that can help determine two key resource management decisions: (1) link bandwidth allocation to meet Quality-of-Service requirements and (2) the frequency of triggering IP shuffling as an MTD operation not to hinder service availability by maintaining normal system operations. Specifically, we apply this strategy in an in-vehicle network that uses software-defined networking (SDN) technology to deploy the IP shuffling-based MTD, which dynamically changes IP addresses assigned to electronic control unit (ECU) nodes to introduce uncertainty or confusion for attackers.

Citation Download Citation

Seunghyun Yoon, Jin-Hee Cho, Dong Seong Kim, Terrence J. Moore, Frederica F. Nelson, Hyuk Lim, Nandi Leslie, and Charles Kamhoua "Moving target defense for in-vehicle software-defined networking: IP shuffling in network slicing with multiagent deep reinforcement learning", Proc. SPIE 11413, Artificial Intelligence and Machine Learning for Multi-Domain Operations Applications II, 114131U (21 April 2020); https://doi.org/10.1117/12.2557850

ACCESS THE FULL ARTICLE

INSTITUTIONAL
Select your institution to access the SPIE Digital Library.

SELECT YOUR INSTITUTION

PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.

PERSONAL SIGN IN

No SPIE Account? Create one

PURCHASE THIS CONTENT

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available