论文信息 - Artificial Diversity as Maneuvers in a Control Theoretic Moving Target Defense

Artificial Diversity as Maneuvers in a Control Theoretic Moving Target Defense

Moving target cyber-defense systems encompass a wide variety of techniques in multiple areas of cyber-security. The dynamic system reconfiguration aspect of moving target cyber-defense can be used as a basis for providing an adaptive attack surface. The goal of this research is to develop novel control theoretic mechanisms by which a range of cyber maneuver techniques are provided such that when an attack is detected the environment can select the most appropriate maneuver to ensure a sufficient shift in the attack surface to render the identified attack ineffective. Effective design of this control theoretic cyber maneuver approach requires the development of two additional theories. First, algorithms are required for the estimation of security state. This will identify when a maneuver is required. Second, a theory for the estimation of the cost of performing a maneuver is required. This is critical for selecting the most cost-effective maneuver while ensuring that the attack is rendered fully ineffective. Finally, we present our moving target control loop as well as a detailed case study examining the impact of our proposed cyber maneuver paradigm on DHCP attacks.

Karl N. Levitt | Jeff Rowe | Tufan Demir | Robert Erbacher

[1] Karl N. Levitt,et al. A distributed host-based worm detection system , 2006, LSAD '06.

[2] Evangelos P. Markatos,et al. Defending against hitlist worms using network address space randomization , 2007, Comput. Networks.

[3] Karl N. Levitt,et al. A framework for diversifying windows native APIs to tolerate code injection attacks , 2007, ASIACCS '07.

[4] Karl N. Levitt,et al. Execution monitoring of security-critical programs in distributed systems: a specification-based approach , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[5] K.S. Swarup,et al. Identification of Operating States of Power System Using Transient Stability Analysis , 2008, 2008 Joint International Conference on Power System Technology and IEEE Power India Conference.

[6] Karl N. Levitt,et al. Optimal Cost, Collaborative, and Distributed Response to Zero-Day Worms - A Control Theoretic Approach , 2008, RAID.

[7] Karl N. Levitt,et al. System Health and Intrusion Monitoring Using a Hierarchy of Constraints , 2001, Recent Advances in Intrusion Detection.