Phases of Attacks
If the environment stays static, the attacker has time to identify existing vulnerabilities to be exploited.
However, if the life cycle of an application version ins much shorter than it takes for the attacker to launch the attack as it will be, the attacker will not be able to succeed in exploiting any existing vulnerabilities in the cloud application.
Current Static Network/System
- The attacker have time to study the network of defender and to determine potential vulnerabilities and choose the time of attack and gain the maximum benefit.
- Once an attacker acquires a privilege, that privilege can be maintained for a long time without being detected.
Objective of Moving Target Defense
Moving target defense aims at continuously changing a system’s attack surface, and thus
- increase the uncertainty, complexity and cost for attackers
- limit the exposure of vulnerabilities
- ultimately increase overall resiliency
- reduce information asymmetry between the attacker and the defender
- and ultimately rendering the reconnaissance information misleading or uesless
 Simulation-based Approaches to Studying Effectiveness of Moving-Target Network Defense, by Rui Zhuang, Su Zhang, Scott A. Deloach, Xinming Ou, and Anoop Singhal, in MTD 2015