Automated Moving Target Defense
Published research, white papers, and the science behind Phoenix.
Published Research
ADA: Automated Moving Target Defense for AI Workloads via Ephemeral Infrastructure-Native Rotation in Kubernetes
Akram Sheriff, Ken Huang, Zsolt Nemeth, Madjid Nakhjiri
Introduces the Adaptive Defense Agent (ADA), an AMTD system that continuously rotates AI workloads at the infrastructure level using Kubernetes pods. Applies chaos engineering principles to achieve zero-trust security through rotation-based defense.
Proactive Security for Large-Scale AI Inference: Adaptive Container Orchestration at the Edge
Akram Sheriff, Zsolt Nemeth, Ken Huang
Introduces Adaptive NIMs — applying AMTD to AI inference environments. Addresses security and reliability risks of static NVIDIA NIM deployments through dynamic container rotation, runtime configuration mutation, and telemetry-driven decision-making.
Adaptive Security for AI Infrastructure with Automated Moving Target Defense
Zsolt Nemeth
Formalizes AMTD for AI systems with mathematical threat models, measurable improvements in Time-to-Compromise and Attack Success Rate, and practical deployment strategies including Leader-Worker Sets and inference rotation.
Phoenix: Adaptive Containers — The Mathematical Imperative for Proactive Defense, Rooted in Game Theory
R6 Security
Frames AMTD through von Neumann’s Minimax Theorem and game theory. Demonstrates why static defense is mathematically irrational and how Phoenix implements the optimal mixed strategy through continuous container rotation.
90% of attacks are reconnaissance and planning. AMTD makes that planning worthless.
What is Automated Moving Target Defense?
Moving Target Defense continuously shifts the attack surface to increase uncertainty for adversaries. Instead of presenting a static target, MTD systems dynamically change configurations, network addresses, and runtime environments. AMTD removes human decision-making from the loop — Phoenix uses telemetry, risk signals, and chaos engineering principles to autonomously rotate, mutate, and regenerate workloads.
Container Rotation
Pods are replaced at random or telemetry-driven intervals. No foothold survives the next rotation cycle.
Runtime Mutation
Environment variables, network identities, and service labels change continuously. Reconnaissance data becomes stale before it can be used.
Workload Regeneration
Compromised workloads are automatically replaced with known-good baselines. The system heals itself as a matter of course.
Network Obfuscation
IPs, service endpoints, and routing paths shift dynamically. Lateral movement becomes impossible when the network map is constantly redrawn.
Panic Mutation
When suspicious activity is detected, Phoenix triggers immediate workload rotation. The compromised environment is destroyed before the attacker completes their objective.