Multiple OS rotational environment an implemented Moving Target Defense

Cyber-attacks continue to pose a major threat to existing critical infrastructure. Although suggestions for defensive strategies abound, Moving Target Defense (MTD) has only recently gained attention as a possible solution for mitigating cyber-attacks. The current work proposes an MTD technique that provides enhanced security through a rotation of multiple operating systems. The MTD solution developed in this research utilizes existing technology to provide a feasible dynamic defense solution that can be deployed easily in a real networking environment. The system we developed was also tested extensively for effectiveness using CORE Impact Pro (CORE), Nmap, and manual penetration tests. The test results showed that platform diversity and rotation offer improved security. In addition, the likelihood of a successful attack decreased proportionally with time between rotations.
