<p>The Edge-Cloud Computing paradigm has played a major role in the process of increasing the performance of services offered by IT companies. The goal is to merge both benefits of Cloud and Edge combined with the introduction of Internet of Things (IoT) devices. Each node is connected to the Internet, hence network, data, and communication security are crucial to avoid vulnerability exploitation by malicious actors. A promising dynamic solution for these different security issues is the Moving Target Defense (MTD) paradigm. Its core is the development of strategies able to reconfigure systems over time to thwart malicious actors’ advantages over a static system, increasing its security and resilience. Despite the great interest shown by the scientific community in this topic, the state-of-the-art analysed highlights that the applicability of this paradigm is limited, due to the cost and complexity of its integration into real-world operating systems. With this paper, we propose two different contributions: i) First, we carried out a Systematic Literature Review to identify open Research Questions aimed at discovering target architectures, implementation challenges and benefits, existing evaluation metrics, triggering mechanisms, automation, and attack surface models. The SLR helped us to understand the state-of-the-art and to expand it by further discussing the integration of AI. ii) Then, we extracted a catalogue of proposed techniques, and classified them by the target platform, the architectural level involved, and their level of maturity (including the availability of a prototype or a pseudo-code implementation).</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Moving target defense in Edge-Cloud systems: a systematic literature review

  • Valentina Casola,
  • Alessandra De Benedictis,
  • Daniele Iorio

摘要

The Edge-Cloud Computing paradigm has played a major role in the process of increasing the performance of services offered by IT companies. The goal is to merge both benefits of Cloud and Edge combined with the introduction of Internet of Things (IoT) devices. Each node is connected to the Internet, hence network, data, and communication security are crucial to avoid vulnerability exploitation by malicious actors. A promising dynamic solution for these different security issues is the Moving Target Defense (MTD) paradigm. Its core is the development of strategies able to reconfigure systems over time to thwart malicious actors’ advantages over a static system, increasing its security and resilience. Despite the great interest shown by the scientific community in this topic, the state-of-the-art analysed highlights that the applicability of this paradigm is limited, due to the cost and complexity of its integration into real-world operating systems. With this paper, we propose two different contributions: i) First, we carried out a Systematic Literature Review to identify open Research Questions aimed at discovering target architectures, implementation challenges and benefits, existing evaluation metrics, triggering mechanisms, automation, and attack surface models. The SLR helped us to understand the state-of-the-art and to expand it by further discussing the integration of AI. ii) Then, we extracted a catalogue of proposed techniques, and classified them by the target platform, the architectural level involved, and their level of maturity (including the availability of a prototype or a pseudo-code implementation).