Current information technology (IT) systems are relatively static from a configuration perspective, which gives adversaries the valuable advantage of time for breaching them. A new concept, called Moving Target Defense (MTD), dynamically reconfigures systems to increase uncertainty and complexity for attackers, reduce their window of opportunity, and raise the costs of their reconnaissance and attack endeavors. All of these contribute towards increased security. Unfortunately, current moving target defense approaches tend to address only individual aspects or components of an IT system rather than the entire system holistically. While such efforts are important building blocks, how a large complex system can be dynamically reconfigured and adapted remains an open research problem. This project investigates the feasibility and challenges of adopting moving target defense for creating and managing structurally morphing IT systems in order to better protect them. It also provides opportunities for curriculum enhancement by integrating research results into cyber defense courses, training students at different levels and from under-represented groups, and informing the security research community about opportunities and impediments to enterprise system defenses via moving target defense.
The project develops a comprehensive framework/platform for creating and managing structurally changing IT systems. The framework consists of several components: a methodology to abstract the functionality and structure of enterprise systems into a high-level multi-layered model, a compiler that converts the abstract requirements into an actual system, and a moving target defense strategy generator to assist and proactively evaluate the cost of various combinations of system changes against the security benefits achieved and performance overheads incurred. The framework is prototyped using readily available virtualized environments, containerization techniques, and configuration management tools. Vital component operations belonging to the moving target defense infrastructure are protected using hardware-supported security enclaves to further enhance the security of the framework.