MTD-Playground: An Attacker-Aware Evaluation Framework for Network Moving Target Defense

πŸ“… 2026-07-13
πŸ“ˆ Citations: 0
✨ Influential: 0
πŸ“„ PDF
πŸ€– AI Summary
This study addresses the fragmentation and limited reproducibility in existing Moving Target Defense (MTD) evaluations, which stem from the absence of a unified attacker model, consistent scenarios, and standardized metrics. To overcome these limitations, this work proposes MTD-Playgroundβ€”the first comprehensive, attacker-oriented evaluation framework designed for benchmarking SDN-based path randomization MTD techniques within enterprise-level multi-stage attack scenarios. The framework introduces an innovative composite evaluation paradigm that jointly considers security effectiveness, system performance, and deployment feasibility. Experimental results demonstrate that aggressive mutation strategies can reduce attack success rates to 4–20%, extend attack completion times to 160–311 seconds, increase network throughput by 30.9%, decrease internal path latency, and achieve these gains without causing service disruption.
πŸ“ Abstract
Moving Target Defense (MTD) has emerged as a proactive network cyber defense paradigm that increases attacker uncertainty through dynamic network reconfiguration techniques such as Software-Defined Networking (SDN)-enabled path randomization. However, existing evaluations remain fragmented due to inconsistent attacker assumptions, attack scenarios, and evaluation metrics, limiting reproducibility and deployment-oriented comparison. In this paper, we present MTD-Playground, an attacker-aware evaluation framework for benchmarking SDN-enabled path-randomization (PR) MTD techniques under realistic enterprise-style multi-stage attack scenarios. Beyond isolated security and performance metrics, MTD-Playground introduces a composite evaluation methodology for analyzing deployment effectiveness, mutation-interval trade-offs, and defender-attacker operational balance. Using periodic path randomization as a representative PR-MTD strategy, our evaluation shows that aggressive mutation intervals reduce attack success rates to 4-20% while increasing attack completion time to 160-311s across evaluated attack scenarios. At the same time, PR-MTD improves throughput by up to 30.9% and reduces internal-path latency without service interruption. Composite analysis further shows that shorter mutation intervals consistently achieve the highest deployment effectiveness and positive defender advantage. These results demonstrate that SDN-based PR-MTD can substantially disrupt multi-stage attack progression while remaining practically deployable in enterprise environments.
Problem

Research questions and friction points this paper is trying to address.

Moving Target Defense
evaluation framework
attacker assumptions
attack scenarios
evaluation metrics
Innovation

Methods, ideas, or system contributions that make the work stand out.

Moving Target Defense
SDN-enabled path randomization
attacker-aware evaluation
composite evaluation methodology
mutation interval
M
Mohammad Farhad
The Center for Advanced Computer Studies (CACS), School of Computing and Informatics, University of Louisiana at Lafayette, Lafayette, LA 70504, USA; AICSIL Research Lab, CACS, Lafayette, LA 70504, USA
M
Mohoshin Ara Tahera
The Center for Advanced Computer Studies (CACS), School of Computing and Informatics, University of Louisiana at Lafayette, Lafayette, LA 70504, USA; AICSIL Research Lab, CACS, Lafayette, LA 70504, USA
P
Padam Jung Thapa
The Center for Advanced Computer Studies (CACS), School of Computing and Informatics, University of Louisiana at Lafayette, Lafayette, LA 70504, USA
S
Shuvalaxmi Dass
The Center for Advanced Computer Studies (CACS), School of Computing and Informatics, University of Louisiana at Lafayette, Lafayette, LA 70504, USA; AICSIL Research Lab, CACS, Lafayette, LA 70504, USA
Bhupendra Acharya
Bhupendra Acharya
University of Louisiana at Lafayette
Web Security and PrivacyInternet CybercrimeWeb Measurement