Moving Target Techniques: Cyber Resilience throught Randomization, Diversity, and Dynamism
MASSACHUSETTS INST OF TECH LEXINGTON LEXINGTON United States
Pagination or Media Count:
The static nature of computer systems makes them vulnerable to cyber attacks. Consider a situation where an attacker wants to compromise a remote system running a specific application. The attacker need only find one vulnerability in a local copy of that application. Since all copies of that application are identical and static, the attacker can leverage that vulnerability to exploit the application on a remote machine. Worse yet, the same vulnerability can be exploited to attack thousands or millions of other machines that run the same application. Also, since the internals of the system changes little over time, the same attack is likely to succeed for a long time. The situation is exacerbated by the fact that any reconnaissance information collected on the system by the attackers will also be valid for a long time. This creates an imbalance in favor of attacks. A promising approach to cyber resilience that attempts to rebalance the cyber landscape is known as cyber moving target MT or just moving target techniques. Moving target techniques change the static nature of computer systems to increase both the difficulty and the cost in effort, time, and resources of mounting attacks. Simply put, these techniques turn systems into moving targets that will be hard for cyber attackers to compromise. MT techniques leverage randomization, diversity, and dynamism to achieve resilience. Randomization refers to introducing non-determinism to the internal structures of a system while preserving its correct functionality diversity refers to introducing heterogeneity among computer systems so that they cannot be compromised by the same attack and dynamism refers to changing the properties of a system over time so that the same attack cannot compromise it in the future.MT technique can implement any subset of these three goals.