Moving Target Techniques: Leveraging Uncertainty for CyberDefense
Journal Article - Open Access
MIT Lincoln Laboratory Lexington United States
Pagination or Media Count:
Securing critical computer systems against cyberattacks is a continual struggle for system managers. Attackers often need only find one vulnerability a flaw or bug that an attacker can exploit to penetrate or disrupt a system to successfully compromise systems. Defenders, however, have the technically difficult task of discovering and fixing every vulnerability in a complex system, which usually comprises an operating system, device drivers, numerous software applications, and hardware components. Within cyberspace, this imbalance between a simple, one-vulnerability attack tactic and a complicated, multipart defense strategy favors attackers. While defensive applications have grown significantly in complexity and size over many years, malicious software, i.e., malware, has remained relatively simple, computationally small, and still effective in bypassing defensive applications 1.
- Computer Systems Management and Standards