Lessons Learned in Network and Memory-Based Moving Target Defenses

Abstract

Moving-Target Defenses seek to introduce dynamism, randomness, and diversity into computer systems in an effort to make these systems harder to explore, predict, and exploit. Over the past decade a variety of work has explored applying these kinds of defenses to applications? runtime environments, to the operating systems and architectures running the applications, and to networks. In this paper, we report on lessons learned from seven years of building and evaluating moving-target defenses, primarily for process memory layouts and networks. We identify six major lessons learned from our experience that we believe to be broadly applicable to moving-target defenses, focusing around the importance and impact of threat models and characteristics of effective moving-target defenses. We then offer suggestions for the future direction of the field based on our experience.