Design, implementation and experiments for Moving Target Defense

Noor Ahmed, Purdue University

Abstract

The traditional defensive security strategy for distributed systems is to safeguard against malicious activities and prevent attackers from gaining control of the system. The strategy employs well-established defensive techniques such as perimeter-based firewalls, redundancy and replication, and encryption. However, given sufficient time and resources, all these methods can be defeated by advanced adversaries. To address this issue, this dissertation proposes an attack-resilient framework that employs a novel defensive security strategy to reduce or eliminate the need to keep one step ahead of sophisticated attacks. The core of our defensive strategy is to transform systems to narrow the window of their vulnerability from hours/days to minutes/seconds. This is achieved by controlling the system runtime execution in time and space through diversification and randomization as a means of shifting the perception of the attackers’ gain-loss balance. The goal of this defensive strategy, commonly referred to as Moving Target Defense (MTD), is to increase the cost of an attack on a system and to lower the likelihood of success and the perceived benefit of compromising it. The proposed defensive security paradigm is covered in five chapters: Chapter 1 introduces the framework and its core building blocks, then highlights the key contributions of the dissertation. Chapter 2 presents a proactive monitoring scheme to safeguard application runtime below the OS. Chapter 3 presents the proposed framework, referred to as Mayflies, a bio-inspired MTD framework for distributed systems, and discusses the formal model, design, implementation and algorithms. In Chapters 4 and 5, we show the effectiveness of the proposed framework with two classes of widely adopted replicated systems: quorum-based Byzantine Fault-Tolerant and Event-based Publish and Subscribe, deployed on a private cloud platform with special emphasis on their resiliency to attacks and performance impact.

Degree

Ph.D.

Advisors

Bhargava, Purdue University.

Subject Area

Computer science
