Dependency Graph Analysis and Moving Target Defense Selection
Title | Dependency Graph Analysis and Moving Target Defense Selection |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | Hamlet, Jason R., Lamb, Christopher C. |
Conference Name | Proceedings of the 2016 ACM Workshop on Moving Target Defense |
Date Published | October 2016 |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-4570-5 |
Keywords | Attack Graphs, attack surface, composability, cybersecurity, dynamic defense, Dynamical Systems, graph theory, malware analysis, Metrics, moving target defenses, pubcrawl, Resiliency |
Abstract | Moving target defense (MTD) is an emerging paradigm in which system defenses dynamically mutate in order to decrease the overall system attack surface. Though the concept is promising, implementations have not been widely adopted. The field has been actively researched for over ten years, and has only produced a small amount of extensively adopted defenses, most notably, address space layout randomization (ASLR). This is despite the fact that there currently exist a variety of moving target implementations and proofs-of-concept. We suspect that this results from the moving target controls breaking critical system dependencies from the perspectives of users and administrators, as well as making things more difficult for attackers. As a result, the impact of the controls on overall system security is not sufficient to overcome the inconvenience imposed on legitimate system users. In this paper, we analyze a successful MTD approach. We study the control's dependency graphs, showing how we use graph theoretic and network properties to predict the effectiveness of the selected control. |
URL | https://dl.acm.org/doi/10.1145/2995272.2995277 |
DOI | 10.1145/2995272.2995277 |
Citation Key | hamlet_dependency_2016 |