Securing Static Nodes in Mobile-Enabled Systems using a Network-Layer Moving Target Defense

A moving target defense approach for protecting resource-constrained distributed devices

2013 IEEE 14th International Conference on Information Reuse & Integration (IRI), 2013

Techniques aimed at continuously changing a system's attack surface, usually referred to as Moving Target Defense (MTD), are emerging as powerful tools for thwarting cyber attacks. Such mechanisms increase the uncertainty, complexity, and cost for attackers, limit the exposure of vulnerabilities, and ultimately increase overall resiliency. In this paper, we propose an MTD approach for protecting resource-constrained distributed devices through fine-grained reconfiguration at different architectural layers. In order to show the feasibility of our approach in real-world scenarios, we study its application to Wireless Sensor Networks (WSNs), introducing two different reconfiguration mechanisms. Finally, we show how the proposed mechanisms are effective in reducing the probability of successful attacks.

A Survey of Moving Target Defenses for Network Security

IEEE Communications Surveys & Tutorials, 2020

Network defenses based on traditional tools, techniques, and procedures (TTP) fail to account for the attacker's inherent advantage present due to the static nature of network services and configurations. To take away this asymmetric advantage, Moving Target Defense (MTD) continuously shifts the configuration of the underlying system, in turn reducing the success rate of cyberattacks. In this survey, we analyze the recent advancements made in the development of MTDs and highlight (1) how these defenses can be defined using common terminology, (2) how they can be made more effective with the use of artificial intelligence techniques for decision making, (3) how they can be implemented in practice, and (4) how they can be evaluated. We first define an MTD using a simple and yet general notation that captures the key aspects of such defenses. We then categorize these defenses into different sub-classes depending on what they move, when they move and how they move. In trying to answer the latter question, we showcase how the use of domain knowledge and game-theoretic modeling can help the defender come up with effective and efficient movement strategies. Second, to understand the practicality of these defense methods, we discuss how various MTDs have been implemented and find that networking technologies such as Software Defined Networking and Network Function Virtualization act as key enablers for implementing these dynamic defenses. We then briefly highlight MTD testbeds and case studies to aid readers who want to examine or deploy existing MTD techniques. Third, our survey categorizes proposed MTDs based on the qualitative and quantitative metrics they utilize to evaluate their effectiveness in terms of security and performance. We use well-defined metrics such as risk analysis and performance costs for qualitative evaluation and metrics based on Confidentiality, Integrity, Availability (CIA), attack representation, QoS impact, and targeted threat models for quantitative evaluation. Finally, we show that our categorization of MTDs is effective in identifying novel research areas and highlight directions for future research.

A Survey on Moving Target Defense for Networks: A Practical View

Electronics

The static nature of many currently used network systems has multiple practical benefits, including cost optimization and ease of deployment, but it makes them vulnerable to attackers who can observe from the shadows to gain insight before launching a devastating attack against the infrastructure. Moving target defense (MTD) is one of the emerging areas that promises to protect against this kind of attack by continuously shifting system parameters and changing the attack surface of protected systems. The emergence of network functions virtualization (NFV) and software-defined networking (SDN) technology allows for the implementation of very sophisticated MTD techniques. Furthermore, the introduction of such solutions as field-programmable gate array (FPGA) programmable acceleration cards makes it possible to take the MTD concept to the next level. Applying hardware acceleration to existing concepts or developing new, dedicated methods will offer more robust, efficient, and secure...

Software-defined networking based moving target defenses

2020

The static and homogeneous nature of the existing state-of-the-art networked systems provides asymmetric advantages to attackers that make them easy for reconnaissance and launching the attacks. The advanced cyberattacks (e.g., APT, DDoS, malware) cause tremendous socioeconomic impact and losses; therefore, there is an immediate need to not only respond

Investigating the application of moving target defenses to network security

2013 6th International Symposium on Resilient Control Systems (ISRCS), 2013

This paper presents a preliminary design for a moving-target defense (MTD) for computer networks to combat an attacker's asymmetric advantage. The MTD system reasons over a set of abstract models that capture the network's configuration and its operational and security goals to select adaptations that maintain the operational integrity of the network. The paper examines both a simple (purely random) MTD system as well as an intelligent MTD system that uses attack indicators to augment adaptation selection. A set of simulation-based experiments show that such an MTD system may in fact be able to reduce an attacker's success likelihood. These results are a preliminary step towards understanding and quantifying the impact of MTDs on computer networks.

Mobile Attacks and Defense

IEEE Security & Privacy, 2011

In this paper smartphones are discussed. Today's smartphones are more common than computers. In fact, smartphones are simply computers with extra hardware, namely a GSM (Global System for Mobile Communications) radio and a baseband processor to control it. These extra features are great, but with the power they provide, there's also a threat. Today, smartphones are becoming targets of attackers in the same way PCs have been for many years. This paper focuses on the security models of two smartphone operating systems: Apple's iOS and Google's Android. These two have a special place in my heart because I was the first to publicly exploit both of them.

A moving target defense mechanism for MANETs based on identity virtualization

2013 IEEE Conference on Communications and Network Security (CNS), 2013

Mechanisms for continuously changing or shifting a system's attack surface are emerging as game-changers in cyber security. In this paper, we propose a novel defense mechanism for protecting the identity of nodes in Mobile Ad Hoc Networks and defeating the attacker's reconnaissance efforts. The proposed mechanism turns a classical attack mechanism, Sybil, into an effective defense mechanism, with legitimate nodes periodically changing their virtual identity in order to increase the uncertainty for the attacker. To preserve communication among legitimate nodes, we modify the network layer by introducing (i) a translation service for mapping virtual identities to real identities; (ii) a protocol for propagating updates of a node's virtual identity to all legitimate nodes; and (iii) a mechanism for legitimate nodes to securely join the network. We show that the proposed approach is robust to different types of attacks, and also show that the overhead introduced by the update protocol can be controlled by tuning the update frequency.

SIREN: a feasible moving target defence framework for securing resource-constrained embedded nodes

International Journal of Critical Computer-Based Systems, 2013

Embedded nodes are widely used in several application domains thanks to their low cost and their data acquisition and processing capabilities. In recent years, particular emphasis was given to pervasive wireless sensor nodes that enabled innovative applications for infrastructure monitoring, crowd-sourced sensing and mobile cyber-physical infrastructure. Indeed, security is one of the main open challenges to face; available security solutions are not able to cope with new attack scenarios, and proactive measures to protect nodes are needed. Techniques aimed at continuously changing a system configuration, recently referred to as moving target defence (MTD), are emerging to improve the security level provided by the system, but their feasibility in resource-constrained environments should be evaluated. Starting from these considerations, in this paper we propose a reconfiguration framework for embedded nodes that is able to enhance the performance of available reconfiguration tools and also to enable the MTD approach in battery-supplied wireless sensor nodes. We illustrate the details of the proposed architecture, named SIREN, and evaluate the feasibility of the proposed solution. First experimental results show the great advantages of this proposal against available solutions.

IANVS: A Moving Target Defense Framework for a Resilient Internet of Things

2020 IEEE Symposium on Computers and Communications (ISCC), 2020

The Internet of Things (IoT) is more and more present in fundamental aspects of our societies and personal life. Billions of objects now have access to the Internet. This networking capability allows for new beneficial services and applications. However, it is also the entry-point for a wide variety of cyber-attacks that target these devices. The security measures present in real IoT systems lag behind those of the standard Internet. Security is sometimes completely absent. Moving Target Defense (MTD) is a 10-year-old cyber-defense paradigm. It proposes to randomize components of a system. Reasonably, an attacker will have a higher cost attacking an MTD-version of a system compared with a static-version of it. Even if MTD has been successfully applied to standard systems, its deployment for IoT is still lacking. In this paper, we propose a generic MTD framework suitable for IoT systems: IANVS (pronounced Janus). Our framework has a modular design. Its components can be adapted accor...