Dynamic Reconfiguration Enables Generalized Obfuscation Technologies for Cyber Security
Abstract
The growing cyber threat is well recognized, and the cost of exploits grows daily. TodayÕs static security practices allow potential intruders the opportunity to study possible avenues of attack, giving them an edge. Our work in dynamic reconfiguration of software provides active security mechanisms in defense of systems; these mechanisms negate any value of an intruderÕs patient observations of how the system operates. We have demonstrated the value of these mechanisms at small scale, and now propose to study their efficacy in larger scale systems, using rule-based techniques to manage systems-of-systems. We further propose to study how such tools might support emerging work in data obfuscation, so that once a live interaction is determined to be of malicious intent, the system can immediate reconfigure to deny further exfiltration of valuable data yet do so while maintaining the illusion of continued system penetration. Subsequent data provided to the intruder would instead be crafted to deceive and potentially enable tracking of its use elsewhere.
Document Details
- Document Type
- DoD Grant Award
- Publication Date
- Jun 10, 2016
- Source ID
- N000141612107
Entities
People
- James Purtilo
Organizations
- Office of Naval Research
- United States Navy
- University of Maryland