ABSTRACT
Moving target defense is a technique for protecting internet-facing systems via the creation of a variable attack surface, that is, a changing profile that, however, is able to provide the same service to legitimate users. In the case of internet servers, it can be achieved via the generation of different configurations that change the service profile, and that can be included in a policy of restarting services with new configurations after a random time and with a random frequency. In this paper we will present a method based on evolutionary algorithms that uses industry-standard practices to score the vulnerability of a server and is designed to generate multiple configurations with optimized score in every run of the algorithm. We make improvements over a previous version of the method by tuning the evolutionary algorithm with the challenge of the very costly fitness evaluation that only allows for a very limited evaluation budget.
- David J. John, Robert W. Smith, William H. Turkett, Daniel A. Canas, and Errin W. Fulp. 2014. Evolutionary Based Moving Target Cyber Defense. In Proceedings of the Companion Publication of the 2014 Annual Conference on Genetic and Evolutionary Computation (GECCO Comp '14). ACM, New York, NY, USA, 1261--1268. event-place: Vancouver, BC, Canada. Google ScholarDigital Library
- NITRD. 2009. NITRD CSIA IWG Cybersecurity Game-Change Research and Development Recommendations. https://bit.ly/2peOnfd. (May 2009).Google Scholar
- Ernesto Serrano, Pedro A. Castillo, and Juan J. Merelo. 2020. Using evolutionary algorithms for server hardening via the moving target defense technique. In EvoApplications 2020 proceedings, to be published. Springer, Cham, Article 114, 16 pages.Google Scholar
Index Terms
- Moving target defense through evolutionary algorithms
Recommendations
Evolutionary based moving target cyber defense
GECCO Comp '14: Proceedings of the Companion Publication of the 2014 Annual Conference on Genetic and Evolutionary ComputationA Moving Target (MT) defense constantly changes a system's attack surface, in an attempt to limit the usefulness of the reconnaissance the attacker has collected. One approach to this defense strategy is to intermittently change a system's ...
Delivering diverse web server configuration in a moving target defense using evolutionary algorithms
GECCO '20: Proceedings of the 2020 Genetic and Evolutionary Computation Conference CompanionCreating diverse service configurations that can be swiftly swapped is the essence of the so called Moving Target Defense: presenting a different attack surface for attackers profiling a system for further advances can be applied to many different ...
Moving Target Defense Against Injection Attacks
Algorithms and Architectures for Parallel ProcessingAbstractWith the development of network technology, web services become more convenient and popular. However, web services are also facing serious security threats, especially SQL injection attack(SQLIA). Due to the diversity of attack techniques and the ...
Comments