This is a JAVA application for managing the Moving Target Defense in a cloud environment developed in collaboration with University of Naples Federico II in the context of DEFEDGE - PRIN PNRR 2022 Project.
To use this application, you need to install a kubernetes cluster following this file How to Kubernetes and set up the environment following Framework setup.
The connection between the cluster and the framework can be described as follows.
The implemented techniques are:
IP shuffling(Changes the IP of the pod for the selected deployment, making it restart)Service Account shuffling(Changes the Service Account of the pod for the selected deployment)Dynamic Replica(Creates a new replica of the pod for the selected deployment)Node Migration(Migrate the pod of the selected deployment to another node matching the origin node type)
The application is intuitive and easy to use.
- The
landing pageis the following:
in which information about the cluster and the single node is automatically retrieved.
- In the
Nodes Listpage
the user can manage the node lifecycle (using add, edit and delete functions).
- In the
Deployment Listpage
the user can manage the deployment lifecycle (using add, edit and delete functions) and can decide on which deployment will enable the MTD.
N.B. The name of the deployment is the corresponding workload.
- In the
Strategies Listpage
the user can enable one (or more) strategy that will affect the enabled deployment. In this case, the user cannot edit the strategy directly in the UI but needs to modify the source code to change/add implementation logic. Whenever a new strategy is created, the following steps are needed:
- the new classNameService.java file implementing the technique must be stored in the
src/main/java/mtd/manager/servicefolder - insert in the
PGAdmin databasethe new corresponding technique using the following query in the proper tool of the web pagewhere "n" is the progressive technique numberINSERT INTO mtdmanager.strategy VALUES ('techniqueName', false, 'fixed', <n>);
- modify
src/main/resources/public/deplo.jsscript to adapt the dropdown menu to the new scenario, addingafter row 35.<option value="n" ${deployment.strategy === n ? 'selected' : ''}>techniqueName</option>
- in
src/main/resources/public/strats.jsscript add the strategy description with the ID provided inconst strategyDescriptions:ID: 'Strategy description',
- in
src/main/resources/public/add-deployment.jsupdate the functionisValidStrategy(row 14), adding the numbers of the new technique. - in
src/main/java/mtd/manager/service/MTDStrategyService.javaadd a new related thread to activate the service itself upon startup withnew Thread(classNameService, "name_alias").start();
- In the
Parameterpage
the user can set the preferred execution window.
[1] Casola, V., De Benedictis, A., Iorio, D., Migliaccio, S.: A moving target defense framework to improve resilience of cloud-edge systems. In: Barolli, L. (ed.) Advanced Information Networking and Applications. pp. 243–252. Springer Nature Switzerland, Cham (2025). DOI