EAGER: Toward Automated Integration of Moving Target Defense Techniques

EAGER：迈向移动目标防御技术的自动化集成

• 批准号: 1352238
• 负责人: Ehab Al-Shaer
• 金额: $ 15万
• 依托单位: University of North Carolina at Charlotte
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2013
• 资助国家: 美国
• 起止时间: 2013-10-01 至 2016-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1352238&HistoricalAwards=false
• 关键词: EAGER; Toward; Automated; Integration; Moving

Moving Target defense (MTD) is a new Cybersecurity paradigm for deterring and disturbing attacks proactively in order to counter the ?asymmetry? phenomena in cyber warfare. A number of moving target techniques have been recently proposed to inverse this asymmetry by randomizing systems? attributes (e.g., configuration) and exhibiting non-determinism to attackers. However, due to potential inter-dependency between various MTD mechanisms, an ad hoc combination of MTD techniques can cause profoundly detrimental effect on security, performance and the operational integrity of the system. This project is investigating novel and transformative approaches to formulate a prescriptive framework to instantiate new MTD strategies that are correct-by-construction, from an arbitrary list of MTD mechanisms. The proposed framework enables integrating MTD mechanisms vertically, or horizontally, while balancing the benefit and cost of the synthesized integrated MTD strategy. As a case study, two main classes of MTD mechanisms, namely, Host Configuration Mutation and Network Configuration Mutation, are integrated to create a cohesive and more powerful composite MTD mechanism. To this end, the results of this research enable new theoretical foundations and transformative approaches in the science of moving target defense by contributing to the understanding of automated reasoning for moving target defense synthesis and evaluation. As this far-forward looking EAGER proposal exhibits high-risk, it also entails high-value that is to be always many steps ahead of attackers. Through the development of a framework for reasoning about MTD, MTD course modules will be developed. The software artifacts permit for further experimentation and progress in this area.

移动目标防御(MTD)是一种新的网络安全范式，旨在主动威慑和干扰攻击，以对抗网络攻击的不对称性。网络战中的现象。最近提出了一些移动目标技术来通过随机化系统来逆转这种不对称性？属性(例如，配置)和对攻击者表现出的不确定性。然而，由于各种MTD机制之间潜在的相互依赖，MTD技术的特别组合可能会对系统的安全性、性能和操作完整性造成严重的有害影响。该项目正在研究新的和变革性的方法，以制定一个规范性框架，从任意的MTD机制列表中实例化按结构正确的新的MTD战略。所提出的框架能够垂直或水平地集成MTD机制，同时平衡综合集成MTD战略的收益和成本。作为一个实例，集成了两类主要的MTD机制，即主机配置突变和网络配置突变，以创建一个具有内聚力和更强大的组合MTD机制。为此，本研究成果有助于理解运动目标防御综合与评估的自动推理，从而为运动目标防御科学提供新的理论基础和变革性的研究方法。由于这一具有远见卓识的热切提议显示出高风险，它也带来了高价值，即总是领先于攻击者许多步。通过开发关于MTD的推理框架，将开发MTD课程模块。软件构件允许在这一领域进行进一步的实验和进步。