Moving Target Techniques: Cyber Resilience throught Randomization, Diversity, and Dynamism

Abstract

The static nature of computer systems makes them vulnerable to cyber attacks. Consider a situation where an attacker wants to compromise a remote system running a specific application. The attacker need only find one vulnerability in a local copy of that application. Since all copies of that application are identical and static, the attacker can leverage that vulnerability to exploit the application on a remote machine. Worse yet, the same vulnerability can be exploited to attack thousands or millions of other machines that run the same application. Also, since the internals of the system changes little over time, the same attack is likely to succeed for a long time. The situation is exacerbated by the fact that any reconnaissance information collected on the system by the attackers will also be valid for a long time. This creates an imbalance in favor of attacks. A promising approach to cyber resilience that attempts to rebalance the cyber landscape is known as cyber moving target (MT) (or just moving target) techniques. Moving target techniques change the static nature of computer systems to increase both the difficulty and the cost (in effort, time, and resources) of mounting attacks. Simply put, these techniques turn systems into moving targets that will be hard for cyber attackers to compromise. MT techniques leverage randomization, diversity, and dynamism to achieve resilience. Randomization refers to introducing non-determinism to the internal structures of a system while preserving its correct functionality; diversity refers to introducing heterogeneity among computer systems so that they cannot be compromised by the same attack; and dynamism refers to changing the properties of a system over time so that the same attack cannot compromise it in the future.MT technique can implement any subset of these three goals.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 03, 2017
Accession Number
AD1028509

Entities

People

  • Hamed Okhravi
  • Howard Elliot Shrobe

Organizations

  • Massachusetts Institute of Technology

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Application Software
  • Code Injection
  • Coding
  • Computer Programming
  • Computer Programs
  • Computers
  • Computing System Architectures
  • Cyberattacks
  • Electronic Mail
  • Environment
  • Instructions
  • Internet
  • Moving Targets
  • Network Protocols
  • Operating Systems
  • Test And Evaluation
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Systems Analysis and Design

Technology Areas

  • Cyber