| Resumen |
This survey examines recent strategic approaches to Moving Target Defense (MTD) and self-defending systems, focusing on their strategy design, reconfiguration mechanisms, and adaptive behavior within cybersecurity contexts. Through a structured review of scientific literature, the study classifies existing approaches across multiple groups, including strategic objectives, threat models, control models, agent integration, and protected assets. The classification reveals recurring patterns, unresolved challenges, and conceptual gaps, particularly the common tendency to reduce strategies to isolated technical mechanisms. This observation motivates a rethinking of how strategy is defined and design in cybersecurity defense systems. As a contribution, the article presents StratEDR, a novel conceptual MTD strategy based on a language-model-driven agent that governs behavioral inspection and movement decisions within a honeypot environment. Suspicious traffic, flagged by external systems such as SIEM or IDS, is redirected to this environment, where the agent analyzes activity prior to authorizing access to the production infrastructure. The insights and classification framework offered in this work are intended to support researchers and professionals in analyzing, comparing, and designing dynamic defense strategies with greater architectural clarity and strategic intent. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2026. |
