A Mutation-Service Deception Collaborative Moving Target Defense Method

NAVIGATE

Table of Contents

STATISTICS

Viewed9

Downloads33

A Mutation-Service Deception Collaborative Moving Target Defense Method

PDF下载 (33)

[1]ZHANG Jianhui,XU Sijie,ZENG Junjie,et al.A Mutation-Service Deception Collaborative Moving Target Defense Method[J].Journal of Zhengzhou University (Engineering Science),2027,48(XX):1-10.[doi:10.13705/j.issn.1671-6833.2026.04.019]

Copy

Journal of Zhengzhou University (Engineering Science)[ISSN 1671-6833/CN 41-1339/T] Volume: 48 Number of periods: 2027 XX Page number: 1-10 Column: Public date: 2027-12-10

Title:: A Mutation-Service Deception Collaborative Moving Target Defense Method

Author(s):: ZHANG Jianhui^1,2, XU Sijie¹, ZENG Junjie¹, WANG Ruimin³; (1. School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou 450002, China; 2. Songshan Laboratory, Zhengzhou 450052, China; 3. School of Computer and Artificial Intelligence, Zhengzhou University, Zhengzhou 450001, China)

Keywords:: digital twin network; moving target defense; service deception; deep reinforcement learning

CLC:: TP302.1TP302.7

DOI:: 10.13705/j.issn.1671-6833.2026.04.019

Abstract:: To address the problem that mutation-based moving target defense (MTD) strategies in digital twin network (DTN) were discretely triggered and thus could not continuously intercept malicious traffic during trigger intervals, which might result in protection gaps, a mutation-service deception collaborative MTD method was proposed, termed MSD-MTD. Building upon address and service port mutation, MSD-MTD introduced a service deception mechanism to redirect suspicious traffic within mutation intervals, thereby enhancing continuous protection.Moreover, an intrusion detection approach based on cross-node traffic alignment and feature selection was employed to perceive network states, and a deep Q-network (DQN) was used to enable adaptive selection of MTD strategies. Comparative experiments were conducted on the Mininet-WiFi platform using the CICIDS-2017, CICIDS-2018, andUNSW-NB15 datasets, with performance benchmarked against two representative address-mutation methods. The results showed that MSD-MTD achieved average defense success rates of 93.36%, 88.20%, and 95.50% on the three datasets, respectively, while the round-trip time was mainly distributed within 0—2 ms, indicating that the proposed method improved defense effectiveness while imposing only a limited impact on network service latency.

References:: [1].Lin Xingqin, Kundu L, Dick C, et al. 6G digital twin networks: from theory to practice[J]. IEEE Communications Magazine, 2023, 61(11): 72-78.
[2].Nguyen H X, Trestian R, To D, et al. Digital twin for 5G and beyond [J]. IEEE Communications Magazine, 2021, 59(2): 10-15.
[3].Alcaraz C, Lopez J. Digital twin: a comprehensive survey of security threats[J]. IEEE Communications Surveys & Tutorials, 2022, 24(3): 1475-1503.
[4].Wang Weizheng, Yang Yaoqi, Khan L U, et al. Digital twin for wireless networks: security attacks and solutions[J]. IEEE Wireless Communications, 2024, 31(3):278-285.
[5].He Ke, Kim D D, Asghar M R. Adversarial machine learning for network intrusion detection systems: a comprehensive survey[J]. IEEE Communications Surveys & Tutorials, 2023, 25(1):538-566.
[6].Lei Cheng, Zhang Hongqi, Tan Jinglei, et al. Moving target defense techniques: a survey[J]. Security and Communication Networks, 2018, 2018: 3759626.
[7].Cho J H, Sharma D P, Alavizadeh H, et al. Toward proactive, adaptive defense: a survey on moving target defense[J]. IEEE Communications Surveys & Tutorials, 2020, 22(1): 709-745.
[8].Zhang Tao, Xu Changqiao, Lian Yibo, et al. When moving target defense meets attack prediction in digital twins: a convolutional and hierarchical reinforcement learning approach[J]. IEEE Journal on Selected Areas in Communications, 2023, 41(10): 3293-3305.
[9].Rehman Z, Gondal I, Ge Mengmeng, et al. Proactive defense mechanism: enhancing IoT security through diversity-based moving target defense and cyber deception[J]. Computers & Security, 2024, 139: 103685.
[10].Masud M T, Keshk M, Moustafa N, et al. Vulnerability defence using hybrid moving target defence in Internet of Things systems[J]. Computers & Security, 2025, 153: 104380.
[11].Zhou Yuyang, Cheng Guang, Ouyang Zhi, et al. Resource-efficient low-rate DDoS mitigation with moving target defense in edge clouds[J]. IEEE Transactions on Network and Service Management, 2025, 22(1): 168-186.
[12].Hu Hongchao, Zhang Shuaipu, Cheng Guozhen, et al. ReDoS defense method based on moving target defense in cloud-native environment[J] . Journal of Zhengzhou University (Engineering Science) , 2024, 45(2): 72-79.[扈红超,张帅普,程国振,等.云原生环境下基于移动目标防御的 ReDoS 防御方法[J]. 郑州大学学报(工学版), 2024, 45(2): 72-79.]
[13].Tan Jinglei, Jin Hui, Zhang Hongqi, et al. A survey: when moving target defense meets game theory[J]. Computer Science Review, 2023, 48: 100544.
[14].Zhang Tao, Xu Changqiao, Shen Jiahao, et al. How to disturb network reconnaissance: a moving target defense approach based on deep reinforcement learning[J]. IEEE Transactions on Information Forensics and Security, 2023, 18: 5735-5748.
[15].Beltrán-López P, Gil Pérez M, Nespoli P. Cyber deception: taxonomy, state of the art, frameworks, trends, and open challenges[J]. IEEE Communications Surveys & Tutorials, 2026, 28: 1520-1556.
[16].Pai V, Pai K, Manjunatha S, et al. Adaptive network anomaly detection using machine learning approaches[J]. EURASIP Journal on Information Security, 2025, 2025: 29.
[17].Luo Donghao, Wang Xue. ModernTCN: a modern pure convolution structure for general time series analysis[C]∥12th International Conference on Learning Representations. Appleton: ICLR, 2024: 1-43.
[18].Mnih V, Kavukcuoglu K, Silver D, et al. Human-level control through deep reinforcement learning[J]. Nature,2015, 518(7540): 529-533.
[19].Cui Mingxiu. DQN and dynamic feedback for multitask scheduling optimization in engineering management[J]. International Journal of Low-Carbon Technologies, 2024, 19: 2279-2286.
[20].Kumar P, Kumar R, Aljuhani A, et al. Digital twin-driven SDN for smart grid: a deep learning integrated blockchain for cybersecurity[J]. Solar Energy, 2023, 263: 111921.
[21].Li Qiuxiang, Wu Jianping. Optimizing the effectiveness of moving target defense in a probabilistic attack graph: a deep reinforcement learning approach[J]. Electronics, 2024, 13(19) : 3855.
[22].Sharafaldin I, Habibi Lashkari A, Ghorbani A A. Toward generating a new intrusion detection dataset and intrusion traffic characterization[C]∥4th International Conference on Information Systems Security and Privacy. Cham: Springer, 2018: 108-116.
[23].Registry of Open Data on AWS. A realistic cyber defense dataset ( CSE-CIC-IDS2018 ) [DS/OL]. [2026-03-19] . https:∥registry. opendata. aws/cse-cic-ids2018/.
[24].Moustafa N, Slay J. UNSW-NB15: a comprehensive data set for network intrusion detection systems ( UNSW-NB15 network data set) [C]∥Proceedings of the 2015 Military Communications and Information Systems Conference (MilCIS). Piscataway: IEEE, 2015: 1-6.
[25].Xu Xiaoyu, Hu Hao, Liu Yuling, et al. An adaptive IP hopping approach for moving target defense using a lightweight CNN detector[J]. Security and Communication Networks, 2021, 2021: 8848473.

Similar References:

Memo

Last Update: 2026-05-15