A Game Theoretic Approach to Strategy Determination for Dynamic Platform Defenses

Moving target defenses based on dynamic platforms have been proposed as a way to make systems more resistant to attacks by changing the properties of the deployed platforms. Unfortunately, little work has been done on discerning effective strategies for the utilization of these systems, instead relying on two generally false premises: simple randomization leads to diversity and platforms are independent. In this paper, we study the strategic considerations of deploying a dynamic platform system by specifying a relevant threat model and applying game theory and statistical analysis to discover optimal usage strategies. We show that preferential selection of platforms based on optimizing platform diversity approaches the statistically optimal solution and significantly outperforms simple randomization strategies. Counter to popular belief, this deterministic strategy leverages fewer platforms than may be generally available, which increases system security.

[1]  Per Larsen,et al.  Security through Diversity: Are We There Yet? , 2014, IEEE Security & Privacy.

[2]  Margo I. Seltzer,et al.  An architecture a day keeps the hacker away , 2005, CARN.

[3]  Michael Franz,et al.  Runtime Defense against Code Injection Attacks Using Replicated Execution , 2011, IEEE Transactions on Dependable and Secure Computing.

[4]  Arun K. Sood,et al.  Securing Web Servers Using Self Cleansing Intrusion Tolerance (SCIT) , 2009, 2009 Second International Conference on Dependability.

[5]  Arun K. Sood,et al.  Secure, Resilient Computing Clusters: Self-Cleansing Intrusion Tolerance with Hardware Enforced Security (SCIT/HES) , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[6]  Nicholas Nethercote,et al.  Valgrind: a framework for heavyweight dynamic binary instrumentation , 2007, PLDI '07.

[7]  Jack W. Davidson,et al.  Strata: A Software Dynamic Translation Infrastructure , 2001 .

[8]  Jack W. Davidson,et al.  Security through Diversity: Leveraging Virtual Machine Technology , 2009, IEEE Security & Privacy.

[9]  Kevin M. Carter,et al.  Strategic evolution of adversaries against temporal platform diversity active cyber defenses , 2014, SpringSim.

[10]  Daniel Shawcross Wilkerson,et al.  Winnowing: local algorithms for document fingerprinting , 2003, SIGMOD '03.

[11]  Kevin M. Carter,et al.  Quantitative Evaluation of Dynamic Platform Techniques as a Defensive Mechanism , 2014, RAID.

[12]  Roger B. Myerson,et al.  Game theory - Analysis of Conflict , 1991 .

[13]  Hamed Okhravi,et al.  Creating a cyber moving target for critical infrastructure applications using platform diversity , 2012, Int. J. Crit. Infrastructure Prot..

[14]  Richard Colbaugh,et al.  Predictability-oriented defense against adaptive adversaries , 2012, 2012 IEEE International Conference on Systems, Man, and Cybernetics (SMC).

[15]  Michael Franz,et al.  On the effectiveness of multi-variant program execution for vulnerability detection and prevention , 2010, MetriSec '10.

[16]  Michael Franz,et al.  Reverse Stack Execution in a MultiVariant Execution Environment , 2012 .

[17]  Michael Franz,et al.  Multi-variant Program Execution: Using Multi-core Systems to Defuse Buffer-Overflow Vulnerabilities , 2008, 2008 International Conference on Complex, Intelligent and Software Intensive Systems.

[18]  Kevin M. Carter,et al.  Adaptive Attacker Strategy Development Against Moving Target Cyber Defenses , 2014, ArXiv.

[19]  William W. Streilein,et al.  Finding Focus in the Blur of Moving-Target Techniques , 2014, IEEE Security & Privacy.

[20]  Arun K. Sood,et al.  Incorruptible system self-cleansing for intrusion tolerance , 2006, 2006 IEEE International Performance Computing and Communications Conference.

[21]  Vincent Nicomette,et al.  The Design of a Generic Intrusion-Tolerant Architecture for Web Servers , 2009, IEEE Transactions on Dependable and Secure Computing.