Abstract
With the growing concerns about cybersattacks on IoT devices, many different cybersecurity solutions have been introduced. Among them, the Moving Target Defense (MTD) paradigm aims to reduce the likelihood of a successful threat event by changing the attack surface proactively or reactively. While proactive approaches degrade the quality of service, reactive ones cannot prevent damage. Thus, this work proposes FeDef, a federated and cooperative framework able to deploy reactively and proactively MTD techniques on resource-constrained devices affected by command and control-based malware. The performance of FeDef has been evaluated in a scenario composed of several devices infected with Bashlite. Multiple experiments have demonstrated the improvement in terms of system-wide infection time, service disruption, and resource consumption. Results show that FeDef can be implemented with limited resources and minimal impact on network and service availability.