Security and Science of Agility

Moving target defenses (MTD) alter the environment in response to adversarial action and perceived threats. Such defenses are a specific example of a broader class of system management techniques called system agility. In its fullest generality, agility is any reasoned modification to a system or environment in response to a functional, performance, or security need. This paper details a recently launched 10-year Cyber-Security Collaborative Research Alliance effort focused in part on the development of a new science of system agility, of which moving target defenses are a central theme. In this context, the consortium seeks to address the questions of when, what, and how to employ changes to improve the security of an environment, and to consider how to measure and weigh the effectiveness of different approaches to agility. We discuss several fundamental challenges in developing and using MTD maneuvers, and outline several broad classes of mechanisms that can be used to implement them. We conclude by detailing specific MTD mechanisms used to adaptively quarantine vulnerable code in Android applications, and consider ways of comparing cost and payout of its use.
