Improving the Diversity Defense of Genetic Algorithm-Based Moving Target Approaches

Abstract--One approach for providing a Moving Target (MT) defense is to intermediately change a system's configuration (operating systems and/or applications). For example, Genetic Algorithms (GAs) have been successfully used to find alternative configurations that can discount the attacker's knowledge about the system. Central to the GA approach is the chromosome pool, which consists of the best alternative configurations discovered thus far. Unfortunately the pool can possibly "stagnate" if these configurations do not change after a period of time. Although the configurations are secure, this situation limits the diversity the approach can achieve.

This paper describes how chromosome pool manage- ment can improve the diversity of GA-based MT envi- ronments. The proposed approach "ages" configurations, reducing the fitness (security) of a configuration based on the period of time since it was last active (used as the configuration for the system). As a result, configurations that not been active for a long period of time are considered less secure which can make space in the pool for new alternatives. Simulations results will demonstrate proper pool management can provide a functional, secure, and more diverse MT environment.