Managed Execution Environment as a Moving-Target Defense Infrastructure

The A3 adaptive execution management environment contributes to moving-target defense (MTD) strategies by enabling sophisticated dynamic defensive maneuvers. A3 facilitates synergistic combination of MTDs with one another as well as with other aspects of a composite defense, aiming to improve an application's resiliency over time. It can expand MTDs' scope and increase their effectiveness by subjecting additional system aspects to dynamic motion and adding moving-target dynamism to the overall defense, with little increase in cost and complexity.

[1]  Jack W. Davidson,et al.  Secure and practical defense against code-injection attacks using software dynamic translation , 2006, VEE '06.

[2]  R. Sekar,et al.  Address-Space Randomization for Windows Systems , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[3]  Claire Le Goues,et al.  Automatically finding patches using genetic programming , 2009, 2009 IEEE 31st International Conference on Software Engineering.

[4]  Franklin Webber,et al.  The DPASA Survivable JBI — A High-Water Mark in Intrusion-Tolerant Systems , 2007 .

[5]  Arun K. Sood,et al.  Securing Web Servers Using Self Cleansing Intrusion Tolerance (SCIT) , 2009, 2009 Second International Conference on Dependability.

[6]  D. Paul Benjamin,et al.  Anomaly and Specification Based Cognitive Approach for Mission-Level Detection and Response , 2008, RAID.

[7]  Joseph P. Loyall,et al.  Building Adaptive and Agile Applications Using Intrusion Detection and Response , 2000, NDSS.

[8]  Brett Benyo,et al.  Isolation of Malicious External Inputs in a Security Focused Adaptive Execution Environment , 2013, 2013 International Conference on Availability, Reliability and Security.

[9]  Mike Hibler,et al.  Advanced Adaptive Application (A3) Environment: initial experience , 2011, Middleware '11.

[10]  John A. Zinky,et al.  Building auto-adaptive distributed applications: the QuO-APOD experience , 2003, 23rd International Conference on Distributed Computing Systems Workshops, 2003. Proceedings..

[11]  Partha Pal,et al.  Defense-enabled applications , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[12]  David J. Musliner,et al.  Automated Self-Adaptation for Cyber-Defense -- Pushing Adaptive Perimeter Protection Inward , 2013, 2013 IEEE 7th International Conference on Self-Adaptation and Self-Organizing Systems Workshops.

[13]  D. Kewley,et al.  Dynamic approaches to thwart adversary intelligence gathering , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[14]  Magnus Almgren,et al.  An Architecture for an Adaptive Intrusion-Tolerant Server , 2002, Security Protocols Workshop.

[15]  David J. Musliner,et al.  FUZZBUSTER: A System for Self-Adaptive Immunity from Cyber Threats , 2012, ICAS 2012.

[16]  Salvatore J. Stolfo,et al.  The MEERKATS Cloud Security Architecture , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[17]  Angelos D. Keromytis,et al.  Fast and practical instruction-set randomization for commodity systems , 2010, ACSAC '10.

[18]  Michael Franz,et al.  Compiler-Generated Software Diversity , 2011, Moving Target Defense.

[19]  Michael Atighetchi,et al.  Adaptive cyberdefense for survival and intrusion tolerance , 2004, IEEE Internet Computing.

[20]  Michael Atighetchi,et al.  Survivability architecture of a mission critical system: the DPASA example , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[21]  Brett Benyo,et al.  Moving target defense (MTD) in an adaptive execution environment , 2013, CSIIRW '13.