ABSTRACT
prevent attackers from gaining control of the system using well-established techniques such as perimeter-based firewalls, redundancy and replication, and encryption. However, given sufficient time and resources, all of these methods can be defeated. Moving Target Defense (MTD) is a defensive strategy that aims to reduce the need to continuously fight attacks by disrupting the attacker's gain-loss balance. We present Mayflies, a bio-inspired generic MTD framework for distributed systems on virtualized cloud platforms. The framework turns systems designed to defend against attacks for their entire runtime into systems that avoid attacks within time intervals. We discuss the design, the algorithms and the implementation of the framework prototype. We illustrate the prototype with a quorum-based Byzantine Fault Tolerant system and report preliminary results.
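The abstract's shift from defending for the entire runtime to avoiding attacks within time intervals can be made concrete with a small simulation. This is an added illustration, not code from the paper or the Mayflies prototype: the staggered replica-refresh schedule, the attacker dwell-time model and all parameter values are assumptions chosen for the example.

```python
"""Toy model of time-bounded exposure in a quorum-based BFT system.

Constructed illustration (not Mayflies code): n = 3f + 1 replicas, an attacker
who needs `dwell` uninterrupted ticks to take over one replica, and a defender
who refreshes each replica (new VM, attacker progress discarded) every
`lifetime` ticks on a staggered schedule. Quorum safety holds while the
number of simultaneously compromised replicas stays <= f.
"""


def simulate(n, f, dwell, lifetime, horizon):
    """Return (max_compromised, quorum_broken) over `horizon` ticks.

    lifetime=None models a static system that is never refreshed.
    """
    exposure = [0] * n            # ticks since replica i was last refreshed
    owned = [False] * n           # attacker currently controls replica i
    max_owned = 0
    for t in range(1, horizon + 1):
        for i in range(n):        # attacker works on all replicas in parallel
            exposure[i] += 1
            if exposure[i] >= dwell:
                owned[i] = True
        if lifetime is not None:
            for i in range(n):
                # replica i is refreshed at ticks t = offset_i (mod lifetime);
                # offsets are spread so at most one replica moves per tick
                if t % lifetime == (i * lifetime) // n:
                    exposure[i] = 0
                    owned[i] = False   # fresh VM: the foothold is gone
        max_owned = max(max_owned, sum(owned))
    return max_owned, max_owned > f


def longest_safe_lifetime(n, f, dwell, horizon):
    """Largest refresh interval (<= 4*dwell) that keeps the quorum safe, or None."""
    safe = [L for L in range(1, 4 * dwell + 1)
            if not simulate(n, f, dwell, L, horizon)[1]]
    return max(safe) if safe else None


if __name__ == "__main__":
    n, f, dwell = 4, 1, 5
    print("static:      ", simulate(n, f, dwell, None, 60))        # (4, True)
    print("lifetime=8:  ", simulate(n, f, dwell, 8, 60))           # (2, True)
    print("lifetime=4:  ", simulate(n, f, dwell, 4, 60))           # (0, False)
    print("longest safe:", longest_safe_lifetime(n, f, dwell, 60))  # 6
```

The static system is fully taken over once the attacker's dwell time elapses, while a refresh interval shorter than the dwell time never lets a foothold mature; the intermediate case shows that an interval only slightly longer than the dwell time already lets more than f replicas be controlled at once.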
Index Terms
- Mayflies: A Moving Target Defense Framework for Distributed Systems