Host immunity via mutable virtualized large-scale network containers

Abstract

Project Summary: The relatively static configurations of networks and their hosts allow attackers to gather intelligence, plan, and execute attacks at will. We propose a scalable, dynamic, adaptive system for host immunity that combines virtualization, emulation, and mutable network configurations. Our system protects hosts by hiding the real system among a large number of decoys in a dynamic virtualized network topology. This is not simply “security through obscurity.” Rather, because the network mutates dynamically, the “needle” is in a constantly changing “haystack.” Moreover, we can monitor the virtual network for malicious activity, which drives strategies for dynamic attack responses. We propose to achieve a dynamic virtualized network topology through self-modification of several aspects of the virtualized network, including the addressing, network topology, routing, and access control components. One of our research issues will be to design a dynamics manager that monitors and controls these dynamics through a generalized interface. We propose to develop an adaptive moving schedule that dynamically changes the decoy moving strategies after profiling the attackers’ behaviors and attack strategies. Another research issue will be how to ensure that external legitimate users can securely access the real system with low latency. We propose a mechanism that lets authenticated users access the real system through a proxy, instead of going through a long routing path in the virtualized network.

Document Details

Document Type
DoD Grant Award
Publication Date
Aug 08, 2016
Source ID
N000141512026

Entities

People

  • Kun Sun

Organizations

  • College of William & Mary
  • Office of Naval Research
  • United States Navy

Tags

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Cybersecurity
  • Distributed Systems and Data Platform Development