{"id":5682,"date":"2025-10-04T10:30:42","date_gmt":"2025-10-04T01:30:42","guid":{"rendered":"https:\/\/saraheee.com\/?p=5682"},"modified":"2025-10-10T22:18:02","modified_gmt":"2025-10-10T13:18:02","slug":"review27-survey-of-cyber-moving-targets-second-edition_2018","status":"publish","type":"post","link":"https:\/\/saraheee.com\/ko\/2025\/10\/review27-survey-of-cyber-moving-targets-second-edition_2018\/","title":{"rendered":"[review#27] Survey of Cyber Moving Targets Second Edition_2018"},"content":{"rendered":"<h2 class=\"wp-block-heading\">1. INTRODUCTION<\/h2>\n\n\n\n<p>\uc0ac\uc774\ubc84 \uacf5\uaca9\uc744 \uc5b4\ub835\uac8c \ub9cc\ub4e4\uae30 \uc704\ud574 \uc2dc\uc2a4\ud15c\uc744 \ub3d9\uc9c8\uc801(homogeneous), \uc815\uc801(static), \uacb0\uc815\ub860\uc801(deterministic)\uc774\uc9c0 \uc54a\uac8c \ub9cc\ub4dc\ub294 \uc0ac\uc774\ubc84 \uc774\ub3d9 \ud45c\uc801 \uae30\ubc95\uc758 \uac1c\uc694\ub97c \uc81c\uacf5\ud55c\ub2e4.<\/p>\n\n\n\n<p>\uac01 \uae30\ubc95\uc758 \uae30\uc220\uc801 \uc138\ubd80 \uc0ac\ud56d\uc744 \uc124\uba85\ud558\uace0, \ud574\ub2f9 \uae30\ubc95\uacfc \uc5f0\uad00\ub41c \uc801\uc808\ud55c \uc704\ud611 \ubaa8\ub378\uc744 \uc2dd\ubcc4\ud558\uba70, \uad6c\ud604 \ubc0f \uc6b4\uc601 \ube44\uc6a9\uc744 \ud30c\uc545\ud55c\ub2e4.<br>\ud604\uc7ac \uc81c\uc548\ub41c \uacf5\uaca9 \ubc0f \uc6b0\ud68c \uc545\uc6a9 \uc0ac\ub840\ub97c \ubc14\ud0d5\uc73c\ub85c \uac01 \uae30\ubc95\uc758 \ucde8\uc57d\uc810\uc744 \uc124\uba85\ud558\uace0, \ud574\ub2f9 \ubd84\uc57c\uc758 \ud5a5\ud6c4 \uc5f0\uad6c \ubc29\ud5a5\uc744 \uc81c\uc2dc\ud55c\ub2e4.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1.1 Taxonomy of Moving-Target Techniques<\/h3>\n\n\n\n<p>five top-level categories, two subcategories of moving-target techniques<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"683\" src=\"https:\/\/saraheee.com\/wp-content\/uploads\/2025\/09\/image-4-1024x683.png\" alt=\"\" class=\"wp-image-5685\" srcset=\"https:\/\/saraheee.com\/wp-content\/uploads\/2025\/09\/image-4-1024x683.png 1024w, https:\/\/saraheee.com\/wp-content\/uploads\/2025\/09\/image-4-300x200.png 300w, https:\/\/saraheee.com\/wp-content\/uploads\/2025\/09\/image-4-768x512.png 768w, https:\/\/saraheee.com\/wp-content\/uploads\/2025\/09\/image-4.png 1322w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">1. Dynamic Data<\/h4>\n\n\n\n<p>data format, syntax, encoding, or representation<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">2. Dynamic Software<\/h4>\n\n\n\n<p>\ucf54\ub4dc \uc790\uccb4 \ub610\ub294 \uc2e4\ud589 \uad6c\ubb38\uc744 \ub3d9\uc801\uc73c\ub85c \ubcc0\uacbd<br>\ud504\ub85c\uadf8\ub7a8 \uba85\ub839\uc5b4 \uc218\uc815<br>\ubcc0\uacbd \uc0ac\ud56d: \ud504\ub85c\uadf8\ub7a8 \uba85\ub839\uc5b4\uc758 \uc218\uc815, \uba85\ub839\uc5b4 \uc21c\uc11c \ubcc0\uacbd, \uba85\ub839\uc5b4 \uadf8\ub8f9\ud654 \ubcc0\uacbd, \uba85\ub839\uc5b4 \ud615\uc2dd \ubcc0\uacbd<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">3. Dynamic Runtime Environment<\/h4>\n\n\n\n<h5 class=\"wp-block-heading\">Address Space Randomization<\/h5>\n\n\n\n<p>\uba54\ubaa8\ub9ac \ub808\uc774\uc544\uc6c3\uc744 \ub3d9\uc801\uc73c\ub85c \ubcc0\uacbd\ud558\ub294 \uae30\uc220<br>\ud504\ub85c\uadf8\ub7a8 \ucf54\ub4dc, \ub77c\uc774\ube0c\ub7ec\ub9ac, \uc2a4\ud0dd\/\ud799, \uac1c\ubcc4 \ud568\uc218\uc758 \uc704\uce58<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Instruction Set Randomization<\/h5>\n\n\n\n<p>\uc6b4\uc601\uccb4\uc81c\uac00 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc5d0 \uc81c\uacf5\ud558\ub294 \uc778\ud130\ud398\uc774\uc2a4\ub97c \ub3d9\uc801\uc73c\ub85c \ubcc0\uacbd\ud558\ub294 \uae30\uc220<br>\uc778\ud130\ud398\uc774\uc2a4 \ubc94\uc8fc: I\/O device \uc870\uc791\uc5d0 \uc0ac\uc6a9\ub418\ub294 \ud504\ub85c\uc138\uc11c \ubc0f \uc2dc\uc2a4\ud15c \ud638\ucd9c<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">4. Dynamic Platforms<\/h4>\n\n\n\n<p>\ud50c\ub7ab\ud3fc \uc18d\uc131\uc744 \ub3d9\uc801\uc73c\ub85c \ubcc0\uacbd\ud558\ub294 \uae30\uc220<br>&#8211; \uc608: OS \ubc84\uc804, CPU \uc544\ud0a4\ud14d\ucc98, OS \uc778\uc2a4\ud134\uc2a4, \ud50c\ub7ab\ud3fc \ub370\uc774\ud130 \ud615\uc2dd<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">5. Dynamic Networks<\/h4>\n\n\n\n<p>\ub124\ud2b8\uc6cc\ud06c \uc18d\uc131\uc744 \ub3d9\uc801\uc73c\ub85c \ubcc0\uacbd\ud558\ub294 \uae30\uc220<br>&#8211; \ub124\ud2b8\uc6cc\ud06c \uc18d\uc131 \uc608: \ud504\ub85c\ud1a0\ucf5c, \uc8fc\uc18c<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1.2 Taxonomy of Attack Techniques<\/h3>\n\n\n\n<p>Common Attack Pattern Enumeration and Classification (CAPEC) attack<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">1. Data Leakage Attacks<\/h4>\n\n\n\n<p>\uc2dc\uc2a4\ud15c \ub0b4 \uc911\uc694 \uc815\ubcf4\ub97c \uc801\uadf9\uc801\uc73c\ub85c \ub178\ub9ac\ub294 \uacf5\uaca9<br>&#8211; \uc608: \uba54\ubaa8\ub9ac\uc5d0\uc11c \uc554\ud638\ud654 \ud0a4 \uc720\ucd9c<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">2. Resource Attacks<\/h4>\n\n\n\n<p>\uc2dc\uc2a4\ud15c \ub0b4 \uacf5\uc720 \uc790\uc6d0\uc744 \uace0\uac08\uc2dc\ud0a4\uac70\ub098 \uc870\uc791\ud558\ub294 \uacf5\uaca9<br>&#8211; \uc608: CPU \ud3ec\ud654 \uc0c1\ud0dc\ub97c \uc774\uc6a9\ud55c \uc11c\ube44\uc2a4 \uac70\ubd80 \uacf5\uaca9<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">3. Injection<\/h4>\n\n\n\n<p>\uc2dc\uc2a4\ud15c\uc5d0 \uc545\uc758\uc801\uc778 \ub3d9\uc791\uc744 \uac15\uc81c\ud558\ub294 \uacf5\uaca9<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">a. Code Injection<\/h5>\n\n\n\n<p>\uc545\uc131 \ucf54\ub4dc\ub97c \uc0bd\uc785\ud558\uc5ec \uc2dc\uc2a4\ud15c\uc5d0 \uc545\uc758\uc801\uc778 \ub3d9\uc791\uc744 \uac15\uc81c\ud558\ub294 \uacf5\uaca9<br>&#8211; \uc608: \ubc84\ud37c \uc624\ubc84\ud50c\ub85c\uc6b0, \uc2a4\ud06c\ub9bd\ud2b8 \uc778\uc81d\uc158; SQL \uc778\uc81d\uc158<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">b. Control Injection<\/h5>\n\n\n\n<p>\uc545\uc131 \ucf54\ub4dc \uc5c6\uc774 \uc2dc\uc2a4\ud15c\uc758 \uc81c\uc5b4\ub97c \uc870\uc791\ud558\uc5ec \uc545\uc758\uc801\uc778 \ub3d9\uc791\uc744 \uac15\uc81c\ud558\ub294 \uacf5\uaca9<br>&#8211; \uc81c\uc5b4\uc758 \ud3ec\ud568 \ubc94\uc704: \ud0c0\uc774\ubc0d \uc21c\uc11c, \ub2e4\uc591\ud55c \uc5f0\uc0b0\uc758 \uc778\uc790<br>&#8211; \uae30\uc874 \ucf54\ub4dc \uc870\uac01\ub4e4\uc744 \uc5f0\uacb0\ud558\uc5ec \uc545\uc758\uc801\uc778 \ub3d9\uc791\uc744 \ub2ec\uc131\ud558\ub294 \ub9ac\ud134 \uc9c0\ud5a5 \ud504\ub85c\uadf8\ub798\ubc0d (ROP)<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">4. Spoofing<\/h4>\n\n\n\n<p>\uc0ac\uc6a9\uc790\ub098 \uc2dc\uc2a4\ud15c\uc758 \uc2e0\uc6d0\uc744 \uc704\uc870\ud558\ub294 \uacf5\uaca9<br>&#8211; \uc608: \uc911\uac04\uc790 \uacf5\uaca9(man-in-the-middle attack), \ud53c\uc2f1 \uacf5\uaca9<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">5. Exploitation of Authentication (\uc778\uc99d \uc545\uc6a9)<\/h4>\n\n\n\n<p>\uc2dc\uc2a4\ud15c\uc758 \uba85\uc2dc\uc801 \ub610\ub294 \uc554\ubb35\uc801 \uc778\uc99d \ud504\ub85c\uc138\uc2a4\ub97c \uc190\uc0c1\uc2dc\ud0a4\ub294 \uacf5\uaca9<br>&#8211; \uc608: \ud06c\ub85c\uc2a4 \uc0ac\uc774\ud2b8 \uc2a4\ud06c\ub9bd\ud305<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">6. Exploitation of Privilege\/Trust (\uad8c\ud55c\/\uc2e0\ub8b0 \uc545\uc6a9)<\/h4>\n\n\n\n<p>\ubd80\uc5ec\ub41c \uad8c\ud55c\uc744 \uc624\uc6a9\ud558\ub294 \uacf5\uaca9<br>&#8211; \uc608: \uc138\uc158 \ud558\uc774\uc7ac\ud0b9<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">7. Scanning<\/h4>\n\n\n\n<p>\uc218\ub3d9\uc801\uc73c\ub85c \ub610\ub294 \ube44\uce68\uc785\uc801\uc778 \ubc29\uc2dd\uc73c\ub85c \uc815\ubcf4\ub97c \uc218\uc9d1\ud558\ub294 \uacf5\uaca9<br>&#8211; \uc608: \ud3ec\ud2b8 \uc2a4\uce90\ub2dd<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">8. Supply Chain\/Physical Attacks<\/h4>\n\n\n\n<p>\uc2dc\uc2a4\ud15c\uc758 \uacf5\uae09\ub9dd\uc774\ub098 \ubb3c\ub9ac\uc801 \ubcf4\uc548\uc744 \ub300\uc0c1\uc73c\ub85c \ud558\ub294 \uacf5\uaca9<br>&#8211; \uc608: \uc545\uc131 \ud504\ub85c\uc138\uc11c<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1.3. Taxonomy of Entities Protected<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">1. Applications<\/h4>\n\n\n\n<p>\ubaa8\ub4e0 \ub610\ub294 \ud2b9\uc815 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\ub4e4\uc774 \ub124\ud2b8\uc6cc\ud06c \uc5d4\ud2f0\ud2f0\ub098 \ub3d9\uc77c \uc2dc\uc2a4\ud15c\uc5d0\uc11c \uc2e4\ud589\ub418\ub294 \ub2e4\ub978 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\ub4e4\ub85c\ubd80\ud130 \ubcf4\ud638\ub428<br>&#8211; \uc608: \ub2e4\ub978 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc73c\ub85c\ubd80\ud130 \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \uba54\ubaa8\ub9ac \uc704\uce58 \ubcf4\ud638, \ub370\uc774\ud130\ubca0\uc774\uc2a4 \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \ubcf4\ud638<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">2. Operating System<\/h4>\n\n\n\n<p>\uc6b4\uc601\uccb4\uc81c\uac00 \ub124\ud2b8\uc6cc\ud06c \uc5d4\ud2f0\ud2f0\ub098 \uadf8 \uc704\uc5d0\uc11c \uc2e4\ud589\ub418\ub294 \uc545\uc131 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc73c\ub85c\ubd80\ud130 \ubcf4\ud638\ub428<br>\uc774 \ubcf4\ud638\ub294 \uc8fc\ub85c \uad8c\ud55c \uc0c1\uc2b9\uc774\ub098 \ucee4\ub110 \uacf5\uac04 \ubc0f \ub2e4\ub978 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc5d0 \ub300\ud55c \uc811\uadfc\uc744 \ubc29\uc9c0\ud558\ub824 \ud568<br>&#8211; \uc608: \uc758\uc2ec\uc2a4\ub7ec\uc6b4 \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \uc0cc\ub4dc\ubc15\uc2f1<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">3. Machine<\/h4>\n\n\n\n<p>\ubaa8\ub4e0 \ub610\ub294 \ud2b9\uc815 \uc720\ud615\uc758 \uba38\uc2e0(\ud074\ub77c\uc774\uc5b8\ud2b8, \ud638\uc2a4\ud2b8, \uc11c\ubc84\ub77c\uace0\ub3c4 \ud568)\uc774 \ub2e4\ub978 \ub124\ud2b8\uc6cc\ud06c \uc5d4\ud2f0\ud2f0\ub4e4\ub85c\ubd80\ud130 \ubcf4\ud638\ub428<br>&#8211; \uc608: \uc2a4\uce90\ub2dd\uc744 \uc5b4\ub835\uac8c \ud558\uae30 \uc704\ud55c IP \uc8fc\uc18c \ubcc0\uacbd, \ubc29\ud654\ubcbd \ub4a4\uc758 \uc6f9 \uc11c\ubc84 \ubcf4\ud638<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">4. Network<\/h4>\n\n\n\n<p>\ub124\ud2b8\uc6cc\ud06c\ub098 \uc11c\ube0c\ub137\uc774 \ub2e4\ub978 \ub124\ud2b8\uc6cc\ud06c\ub4e4\ub85c\ubd80\ud130 \ubcf4\ud638\ub428<br>&#8211; \uc608: \uc545\uc758\uc801\uc778 \uc5f0\uacb0\ub85c\ubd80\ud130 \ubcf4\ud638\ud558\uae30 \uc704\ud574 VPN \uac8c\uc774\ud2b8\uc6e8\uc774\uc758 IP \uc8fc\uc18c\ub97c \ub3d9\uc801\uc73c\ub85c \ubcc0\uacbd<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">5. Traffic<\/h4>\n\n\n\n<p>\ubaa8\ub4e0 \ub610\ub294 \ud2b9\uc815 \uc720\ud615\uc758 \ub124\ud2b8\uc6cc\ud06c \ud2b8\ub798\ud53d\uc774 \uae30\ubc00\uc131 \ubc0f\/\ub610\ub294 \ubb34\uacb0\uc131\uc774 \ubcf4\ud638\ub428<br>&#8211; \uc608: \ud2b8\ub798\ud53d \uc778\uc81d\uc158\uc744 \uc5b4\ub835\uac8c \ud558\uae30 \uc704\ud574 \ud504\ub85c\ud1a0\ucf5c\uc744 \ub3d9\uc801\uc73c\ub85c \ubcc0\uacbd<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">6. Session<\/h4>\n\n\n\n<p>\uc0ac\uc6a9\uc790 \uc791\uc5c5 \uc138\ud2b8(\uc138\uc158 \ub610\ub294 \ud2b8\ub79c\uc7ad\uc158)\uac00 \ub2e4\ub978 \uc2e0\ub8b0\ud560 \uc218 \uc5c6\ub294 \uc791\uc5c5\uc73c\ub85c\ubd80\ud130 \ubcf4\ud638\ub428<br>&#8211; \uc608: \ub3d9\uc77c \uba38\uc2e0\uc5d0\uc11c \ube0c\ub77c\uc6b0\uc9d5\ub41c \ub2e4\ub978 \uc6f9 \ud398\uc774\uc9c0\ub85c\ubd80\ud130 \ubcf4\uc548 \uc6f9 \ud2b8\ub79c\uc7ad\uc158 \ubcf4\ud638<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">7. Data<\/h4>\n\n\n\n<p>\uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc774 \ucc98\ub9ac\ud558\uac70\ub098 \uba38\uc2e0\uc5d0 \uc800\uc7a5\ub41c \ub370\uc774\ud130\uc758 \uae30\ubc00\uc131 \ub610\ub294 \ubb34\uacb0\uc131\uc774 \ubcf4\ud638\ub428<br>&#8211; \uc608: \uc545\uc758\uc801\uc778 \ub370\uc774\ud130 \uc218\uc815\uc744 \ubc29\uc9c0\ud558\uae30 \uc704\ud55c \ub370\uc774\ud130 \uc778\ucf54\ub529 \ubcc0\uacbd<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1.4 Cyber Kill Chain<\/h3>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"276\" src=\"https:\/\/saraheee.com\/wp-content\/uploads\/2025\/09\/image-5-1024x276.png\" alt=\"\" class=\"wp-image-5688\" srcset=\"https:\/\/saraheee.com\/wp-content\/uploads\/2025\/09\/image-5-1024x276.png 1024w, https:\/\/saraheee.com\/wp-content\/uploads\/2025\/09\/image-5-300x81.png 300w, https:\/\/saraheee.com\/wp-content\/uploads\/2025\/09\/image-5-768x207.png 768w, https:\/\/saraheee.com\/wp-content\/uploads\/2025\/09\/image-5.png 1490w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">1.5 Taxonomy of Weaknesses<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">1. Overcome Movement<\/h4>\n\n\n\n<p>\uc6c0\uc9c1\uc784\uc774 \ubc1c\uc0dd\ud558\uace0 \uadf8 \ud328\ud134\uc774 \ubb34\uc791\uc704\uc774\uac70\ub098 \ud1b5\uc81c\ub418\ub354\ub77c\ub3c4, \uacf5\uaca9\uc790\uac00 MT \uae30\uc220\ub85c \ubcf4\ud638\ub41c \ud45c\uba74\uc744 \uc5ec\uc804\ud788 \uacf5\uaca9\ud560 \uc218 \uc788\ub294 \ucde8\uc57d\uc810<br>&#8211; \uc608: \uc8fc\uc18c \uacf5\uac04 \ubb34\uc791\uc704\ud654\ub97c \uadf9\ubcf5\ud558\uae30 \uc704\ud574 \uc775\uc2a4\ud50c\ub85c\uc787\uc758 \ub9ce\uc740 \ubcf5\uc0ac\ubcf8\uc744 \uc8fc\uc785\ud558\ub294 \uac83<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">2. Predict Movement<\/h4>\n\n\n\n<p>\uc6c0\uc9c1\uc784\uc774 \ubc1c\uc0dd\ud558\uace0 \uadf8 \ud328\ud134\uc774 \ubb34\uc791\uc704\uc774\uac70\ub098 \ud1b5\uc81c\ub418\ub354\ub77c\ub3c4, \uacf5\uaca9\uc790\uac00 MT \uae30\uc220\ub85c \ubcf4\ud638\ub41c \ud45c\uba74\uc744 \uc5ec\uc804\ud788 \uacf5\uaca9\ud560 \uc218 \uc788\ub294 \ucde8\uc57d\uc810<br>&#8211; \uc608: \ub77c\uc774\ube0c\ub7ec\ub9ac\uc758 \uc704\uce58\ub97c \uc608\uce21\ud558\uae30 \uc704\ud574 \uc8fc\uc18c\ub97c \uc720\ucd9c\ud558\ub294 \uac83<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">3. Limit Movement<\/h4>\n\n\n\n<p>\uc6c0\uc9c1\uc784\uc740 \ubc1c\uc0dd\ud558\uc9c0\ub9cc, \uadf8 \ud328\ud134\uc774 \uacf5\uaca9\uc790\uc758 \ud589\ub3d9\uc5d0 \uc758\ud574 \uc81c\ud55c\ub418\ub294 \ucde8\uc57d\uc810<br>&#8211; \uc608: \uc8fc\uc18c \uacf5\uac04 \ubb34\uc791\uc704\ud654\uc758 \ubb34\uc791\uc704\uc131\uc744 \uc81c\ud55c\ud558\uae30 \uc704\ud574 \uba54\ubaa8\ub9ac\ub97c \ucc44\uc6b0\ub294 \uac83(\ucf54\ub4dc \uc2a4\ud504\ub808\uc774)<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">4. Disable Movement<\/h4>\n\n\n\n<p>\uacf5\uaca9\uc790\uac00 \uba85\uc2dc\uc801\uc73c\ub85c \uc6c0\uc9c1\uc784\uc744 \ube44\ud65c\uc131\ud654\ud558\ub294 \ucde8\uc57d\uc810<br>&#8211; \uc608: \uc798\ubabb\ub41c \uc124\uc815\uc744 \ud478\uc2dc\ud558\uc5ec OS\uc5d0\uc11c \uc8fc\uc18c \uacf5\uac04 \ubb34\uc791\uc704\ud654\ub97c \ube44\ud65c\uc131\ud654\ud558\ub294 \uac83<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1.6 Scope<\/h3>\n\n\n\n<p>2011\ub144 \ubc84\uc804 \uc774\ud6c4 100\uac1c \uc774\uc0c1\uc758 \uc18c\uc2a4 \uc2dd\ubcc4<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1.7 Organization<\/h3>\n\n\n\n<p>\ud2b9\ubcc4\ud788 \uac15\uc870\ub418\ub294 \uce21\uba74: \uac01 \uae30\uc220\uc758 \ubc30\ud3ec \ube44\uc6a9, \uad6c\ud604 \ubc0f \uc6b4\uc601\uc758 \ubcf5\uc7a1\uc131, \ub300\uc0c1\uc73c\ub85c \ud558\ub294 \uc0ac\uc774\ubc84 \ud0ac\uccb4\uc778 \uce21\uba74<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">2. DYNAMIC DATA<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">2.1 Data Diversity Through Fault Tolerance<\/h3>\n\n\n\n<p><\/p>\n\n\n\n<p>2.2 Redundant Data Diversity 10<\/p>\n\n\n\n<p>2.3 Data Randomization 14<\/p>\n\n\n\n<p>2.4 End-to-End Software Diversification 17<\/p>\n\n\n\n<p>2.5 Diglossia 21<\/p>\n\n\n\n<p>2.6 NOMAD 24<\/p>\n\n\n\n<p>2.7 HERMES 27<\/p>\n\n\n\n<p>2.8 Content Randomization of Microsoft O\ufb03ce Documents 30<\/p>\n\n\n\n<p>3. DYNAMIC SOFTWARE 33<\/p>\n\n\n\n<p>3.1 CCFIR: Compact Control Flow Integrity and Randomization <\/p>\n\n\n\n<p>3.2 Software Diversity Using Distributed Coloring <\/p>\n\n\n\n<p>3.3 Security Agility for Dynamic Execution Environments <\/p>\n\n\n\n<p>3.4 Proactive Obfuscation 42<\/p>\n\n\n\n<p>3.5 Program Di\ufb00erentiation 45<\/p>\n\n\n\n<p>3.6 Program Partitioning and Circuit Variation 3.7 librando 51<\/p>\n\n\n\n<p>3.8 RedHerring 54<\/p>\n\n\n\n<p>3.9 Reverse Stack Execution in a Multivariant Execution Environment <\/p>\n\n\n\n<p>3.10 GenProg: A Generic Method for Automatic Software Repair <\/p>\n\n\n\n<p>3.11 Distributed Application Tamper Detection Via Continuous Software Updates 33<\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">References<\/h3>\n\n\n\n<p>Ward, B. C., Gomez, S. R., Skowyra, R., Bigelow, D., Martin, J., Landry, J., &amp; Okhravi, H. (2018). <em>Survey of cyber moving targets second edition<\/em> (No. TR1228).<\/p>\n\n\n\n<p><br>C.A.P. Enumeration, \u201cClassification (CAPEC),\u201d (2013), https:\/\/capec.mitre.org.<\/p>\n\n\n\n<p><\/p>","protected":false},"excerpt":{"rendered":"<p>This report is the result of studies performed at Lincoln Laboratory, a federally funded research and development center operated by Massachusetts Institute of Technology.<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[145,108],"tags":[237,128],"class_list":["post-5682","post","type-post","status-publish","format-standard","hentry","category-mtd","category-paper-review","tag-cyber-attack","tag-moving-target-defense"],"_links":{"self":[{"href":"https:\/\/saraheee.com\/ko\/wp-json\/wp\/v2\/posts\/5682"}],"collection":[{"href":"https:\/\/saraheee.com\/ko\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/saraheee.com\/ko\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/saraheee.com\/ko\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/saraheee.com\/ko\/wp-json\/wp\/v2\/comments?post=5682"}],"version-history":[{"count":8,"href":"https:\/\/saraheee.com\/ko\/wp-json\/wp\/v2\/posts\/5682\/revisions"}],"predecessor-version":[{"id":5697,"href":"https:\/\/saraheee.com\/ko\/wp-json\/wp\/v2\/posts\/5682\/revisions\/5697"}],"wp:attachment":[{"href":"https:\/\/saraheee.com\/ko\/wp-json\/wp\/v2\/media?parent=5682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/saraheee.com\/ko\/wp-json\/wp\/v2\/categories?post=5682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/saraheee.com\/ko\/wp-json\/wp\/v2\/tags?post=5682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}