Computers are often deployed in a deterministic fashion, even across unrelated infrastructures, in order to simplify their life-cycle management. Unfortunately, a predictable environment also aids attackers, since a small set of exploits can be applied across a large number of similarly configured computers. A Moving Target (MT) strategy can be used to address this problem by deploying less deterministic and less homogeneous systems. For example, intermittently changing a system's configuration (operating systems and/or applications) can create an MT defense that limits the usefulness of an attacker's knowledge; however, these alternative configurations must be functional and secure, while remaining diverse.
This research explores a new Moving Target (MT) defense strategy that leverages Genetic Algorithms (GAs) to manage computer configurations. The technique discovers better solutions (configurations) by mimicking processes found in nature. Computer configurations are modeled as chromosomes, where configuration parameters, or settings, are individual chromosome traits. The GA proceeds by applying a series of selection, crossover, and mutation processes to discover new chromosomes from a pool. Since the system constantly evolves, it is designed to cope with new vulnerabilities or functionalities that can be potentially introduced over time.
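The selection, crossover, and mutation loop described above, as an added Python sketch that is not the project's own code. The setting names, their security scores, and the choice of tournament selection, single-point crossover, and elitism are all assumptions made for illustration.

```python
import random

# Constructed search space: each key is one chromosome trait (a setting) and
# maps each allowed value to a hypothetical security score (higher is safer).
SCORES = {
    "ssh_root_login":   {"yes": 0, "no": 2},
    "password_min_len": {6: 0, 8: 1, 12: 2, 16: 2},
    "tls_min_version":  {"1.0": 0, "1.2": 2, "1.3": 2},
    "firewall_default": {"allow": 0, "deny": 2},
    "aslr_level":       {0: 0, 1: 1, 2: 2},
}
KEYS = list(SCORES)

def random_chromosome(rng):
    """One configuration: a tuple holding one value per setting."""
    return tuple(rng.choice(list(SCORES[k])) for k in KEYS)

def fitness(chrom):
    """Sum of per-setting scores; a real system would measure this."""
    return sum(SCORES[k][v] for k, v in zip(KEYS, chrom))

def select(pool, rng, k=3):
    """Tournament selection: best of k randomly drawn chromosomes."""
    return max(rng.sample(pool, k), key=fitness)

def crossover(a, b, rng):
    """Single-point crossover: head of parent a, tail of parent b."""
    cut = rng.randrange(1, len(KEYS))
    return a[:cut] + b[cut:]

def mutate(chrom, rng, rate=0.1):
    """Re-draw each trait with probability `rate` from its allowed values."""
    return tuple(rng.choice(list(SCORES[k])) if rng.random() < rate else v
                 for k, v in zip(KEYS, chrom))

def evolve(pool, rng, generations=20):
    """Keep the best chromosome (elitism) and breed the rest of the pool."""
    for _ in range(generations):
        elite = max(pool, key=fitness)
        pool = [elite] + [
            mutate(crossover(select(pool, rng), select(pool, rng), rng), rng)
            for _ in range(len(pool) - 1)]
    return pool

if __name__ == "__main__":
    rng = random.Random(7)  # fixed seed so the run is repeatable
    start = [random_chromosome(rng) for _ in range(12)]
    final = evolve(start, rng)
    print("best fitness:", max(map(fitness, start)), "->", max(map(fitness, final)))
    print("distinct configurations in final pool:", len(set(final)))
```

Because several values share the top score for a setting (for example `12` and `16`), the pool can hold different configurations of equal fitness, which is the diversity an MT defense rotates through.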
An important objective is the development of a prototype MT system that can provide a better understanding of the performance of evolutionary-based configuration management. Results will be of interest to researchers and practitioners since the approach is applicable to a variety of configurations. Furthermore, this project will also introduce undergraduates to academic research in the area of computer security and system management.