Moving target defense in distributed systems

Document Type

Article

Publication Date

4-21-2016

Department

Department of Computer Science

Abstract

Cyber attacks on distributed systems have devastating consequences. Several cybersecurity solutions have failed to protect distributed systems, primarily due to asymmetric warfare with cyber adversaries. Most cybersecurity solutions have to grapple with the tradeoff between detecting one breach vs. blocking all possible breaches. Current cyber threats are sophisticated and comprise multiple attack vectors caused by organized attackers. Most of the current cyber defenses are blackbox or set-and-forget approaches which can protect against zero-day attacks and are ineffective against dynamic threats. The asymmetric conundrum is to determine which assets (software, embedded devices, routers, back-end infrastructure, and dependencies between software components) need to be protected. Recently, Moving Target Defense (MTD) has been proposed as a strategy to protect distributed systems. MTD-based approaches take a leaf out of the adversaries' book by not focusing on fortifying every asset and by making the systems move to the defender’s advantage. MTD is a game-changing capability to protect distributed systems by enabling defenders to change system/network behaviors, policies, or configurations automatically such that potential attack surfaces are moved in an unpredictable manner. MTD is also a cost-effective approach for intrusion detection, active response, and recovery in distributed systems. To realize an effective MTD-based defense, several challenges have to be addressed. In this chapter, we provide an overview of the challenges and proposed approaches to mitigate them.

Publication Title

Wireless Networks
