Presentation is loading. Please wait.

Presentation is loading. Please wait.

Moving Target Defense in Cyber Security

Published byBeau Shingleton Modified over 9 years ago

Similar presentations

Presentation on theme: "Moving Target Defense in Cyber Security"— Presentation transcript:

1 Moving Target Defense in Cyber Security
Jianjun “Jeffrey” Zheng July 2014

2 Moving Target Defense in Cyber Security
Introduction Problems in Current Cyber Security Defense Paradigm Moving Target Defense Concept Current Research on MDT Future Work

3 Cyber Security Defense Illustration
Introduction Cyber Security Defense Illustration

4 Current Security Defense
Problems in Current Security Defense Paradigm Passive Reactive Asymmetric in resources and cost Attackers have advantage

5 Moving Target Defense Approach

6 Moving Target Defense Approach
Based on system diversity From stand-alone software to network system Dynamically change software or system configuration to add uncertainty, unpredictability, and diversity Cause system’s attack surface to change continuously Increase the cost for attackers As a result, the system is unpredictable to attackers, hard to be exploited, and is more resilient to attacks

7 Moving Target Defense Approach
Moving Target Defense Research System Level Address Space Layout Randomization (ASLR) Proposed and implemented by Linux PaX project in 2001 Implemented in major OS systems, partially and completely Can prevent code injection attack Might be broken by entropy attack

8 Moving Target Defense Approach
Moving Target Defense Research System Level Address Space Layout Randomization (ASLR)

9 Moving Target Defense Approach
Moving Target Defense Research System Level Address Space Layout Randomization (ASLR)

10 Moving Target Defense Approach
Moving Target Defense Research System Level Instruction Set Randomization (ISR) An execution environment to prevent code injection Reversible transformation between the processor and main memory

11 Moving Target Defense Approach
Moving Target Defense Research System Level Data Randomization Randomize pointers (XOR pointer with random key) Randomize memory data (XOR data with random masks)

12 Moving Target Defense Approach
Moving Target Defense Research System Level Compiler-based Randomization Use compiler to generate multiple functionally equivalent, but internally different variants of a program

13 Moving Target Defense Approach
Moving Target Defense Research Application Level Diversify and randomize software using installer Software installed through the special installer will be tagged with a random key An execution environment will check and verify the random key If the key is valid, the software is authorized to execute. Otherwise, software will not run

14 Moving Target Defense Approach
Moving Target Defense Research Application Level Diversify commands to prevent SQL injection attack, command injection attack, and cross-site scripting SELECT id, name, description FROM products WHERE productid=$value 99999 OR 1=1 SELECT id, name, description FROM products WHERE productid=99999 OR 1=1

15 Moving Target Defense Approach
Moving Target Defense Research Application Level Diversify commands to prevent SQL injection attack, command injection attack, and cross-site scripting Rewrites all keywords with a random key appended After taking user input, removes the random key by using regular expression check If the check fails, the query will not be forwarded to database for execution

16 Moving Target Defense Approach
Moving Target Defense Research Application Level Diversify commands to prevent SQL injection attack, command injection attack, and cross-site scripting SELECT123 id, name, description FROM123 products WHERE123 productid=$value 99999 OR 1=1 SELECT123 id, name, description FROM123 products WHERE123 productid=99999 OR 1=1

17 Moving Target Defense Approach
Moving Target Defense Research Network Level Dynamic Resource Mapping System Randomly change the location of the system where important resources are stored A mapping system keeps track of the new locations

18 Moving Target Defense Approach
Moving Target Defense Research Network Level Random Host Mutation Randomly change host IP address

19 Moving Target Defense Approach
Moving Target Defense Research Network Level Mutable Network (MUTE) Random address hopping Random finger printing

20 Moving Target Defense Approach
Challenges Deployable Minimum impact on mission critical system Scalable

21 Questions?

Download ppt "Moving Target Defense in Cyber Security"

Similar presentations

Defenses. Preventing hijacking attacks 1. Fix bugs: – Audit software Automated tools: Coverity, Prefast/Prefix. – Rewrite software in a type safe languange.

Defenses. Preventing hijacking attacks 1. Fix bugs: – Audit software Automated tools: Coverity, Prefast/Prefix. – Rewrite software in a type safe languange.
CS457 – Introduction to Information Systems Security Software 4 Elias Athanasopoulos

CS457 – Introduction to Information Systems Security Software 4 Elias Athanasopoulos
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 11 – Buffer Overflow.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 11 – Buffer Overflow.
Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.

Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.
1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.

1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.
Dec 5, 2007University of Virginia1 Efficient Dynamic Tainting using Multiple Cores Yan Huang University of Virginia Dec. 5 2007.

Dec 5, 2007University of Virginia1 Efficient Dynamic Tainting using Multiple Cores Yan Huang University of Virginia Dec
Critical Software Security Through Replication and Virtualization A Research Proposal Dennis Edwards Sharon Simmons Arangamanikkannan Manickam.

Critical Software Security Through Replication and Virtualization A Research Proposal Dennis Edwards Sharon Simmons Arangamanikkannan Manickam.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.

1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.
Instruction-Set Randomization “Countering Code-Injection Attacks With Instruction-Set Randomization” G. Kc, A. Keromytis, and V. Prevelakis CCS October.

Instruction-Set Randomization “Countering Code-Injection Attacks With Instruction-Set Randomization” G. Kc, A. Keromytis, and V. Prevelakis CCS October.
Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.

Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.
CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.

Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
Securing Software Systems Gaurav S. Kc Programming Systems Lab 9 th April, 2003.

Securing Software Systems Gaurav S. Kc Programming Systems Lab 9 th April, 2003.
Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.

Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.
Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition
Crawler-Based Search Engine By: Bryan Chapman, Ryan Caplet, Morris Wright.

Crawler-Based Search Engine By: Bryan Chapman, Ryan Caplet, Morris Wright.
SQL Injection and Buffer overflow

SQL Injection and Buffer overflow
1 RAKSHA: A FLEXIBLE ARCHITECTURE FOR SOFTWARE SECURITY Computer Systems Laboratory Stanford University Hari Kannan, Michael Dalton, Christos Kozyrakis.

1 RAKSHA: A FLEXIBLE ARCHITECTURE FOR SOFTWARE SECURITY Computer Systems Laboratory Stanford University Hari Kannan, Michael Dalton, Christos Kozyrakis.

Similar presentations

Ads by Google