Proceedings of the 2016 ACM Workshop on Moving Target Defense: Latest Articles

Moving Target Defense against DDoS Attacks: An Empirical Game-Theoretic Analysis
Proceedings of the 2016 ACM Workshop on Moving Target Defense Pub Date: 2016-10-24 DOI: 10.1145/2995272.2995279
Mason Wright, S. Venkatesan, Massimiliano Albanese, Michael P. Wellman
Abstract: Distributed denial-of-service attacks are an increasing problem facing web applications, for which many defense techniques have been proposed, including several moving-target strategies. These strategies typically work by relocating targeted services over time, increasing uncertainty for the attacker, while trying not to disrupt legitimate users or incur excessive costs. Prior work has not shown, however, whether and how a rational defender would choose a moving-target method against an adaptive attacker, and under what conditions. We formulate a denial-of-service scenario as a two-player game, and solve a restricted-strategy version of the game using the methods of empirical game-theoretic analysis. Using agent-based simulation, we evaluate the performance of strategies from prior literature under a variety of attacks and environmental conditions. We find evidence for the strategic stability of various proposed strategies, such as proactive server movement, delayed attack timing, and suspected insider blocking, along with guidelines for when each is likely to be most effective.
Citations: 32

Demo: A Symbolic N-Variant System
Proceedings of the 2016 ACM Workshop on Moving Target Defense Pub Date: 2016-10-24 DOI: 10.1145/2995272.2995284
Jun Xu, Pinyao Guo, Bo Chen, R. Erbacher, Ping Chen, Peng Liu
Abstract: This demo paper describes an approach to detect memory corruption attacks using artificial diversity. Our approach conducts offline symbolic execution of multiple variants of a system to identify paths which diverge in different variants. In addition, we build an efficient input matcher to check whether an online input matches the constraints of a diverging path, to detect potential malicious input. By evaluating the performance of a demo system built on Ghttpd, we find that per-input matching consumes only 70% to 96% of the real processing time in the master, which indicates a performance superiority for real world deployment.
Citations: 1

Automated Effectiveness Evaluation of Moving Target Defenses: Metrics for Missions and Attacks
Proceedings of the 2016 ACM Workshop on Moving Target Defense Pub Date: 2016-10-24 DOI: 10.1145/2995272.2995282
Joshua Taylor, Kara Zaffarano, Ben Koller, C. Bancroft, Jason Syversen
Abstract: In this paper, we describe the results of several experiments designed to test two dynamic network moving target defenses against a propagating data exfiltration attack. We designed a collection of metrics to assess the costs to mission activities and the benefits in the face of attacks and evaluated the impacts of the moving target defenses in both areas. Experiments leveraged Siege's Cyber-Quantification Framework to automatically provision the networks used in the experiment, install the two moving target defenses, collect data, and analyze the results. We identify areas in which the costs and benefits of the two moving target defenses differ, and note some of their unique performance characteristics.
Citations: 26

Multi-dimensional Host Identity Anonymization for Defeating Skilled Attackers
Proceedings of the 2016 ACM Workshop on Moving Target Defense Pub Date: 2016-10-24 DOI: 10.1145/2995272.2995278
J. H. Jafarian, Amirreza Niakanlahiji, E. Al-Shaer, Qi Duan
Abstract: While existing proactive-based paradigms such as address mutation are effective in slowing down reconnaissance by naive attackers, they are ineffective against skilled human attackers. In this paper, we analytically show that the goal of defeating reconnaissance by skilled human attackers is only achievable by an integration of five defensive dimensions: (1) mutating host addresses, (2) mutating host fingerprints, (3) anonymizing host fingerprints, (4) deploying high-fidelity honeypots with context-aware fingerprints, and (5) deploying context-aware content on those honeypots. Using a novel class of honeypots, referred to as proxy honeypots (high-interaction honeypots with customizable fingerprints), we propose a proactive defense model, called (HIDE), that constantly mutates addresses and fingerprints of network hosts and proxy honeypots in a manner that maximally anonymizes identity of network hosts. The objective is to make a host untraceable over time by not letting even skilled attackers reuse discovered attributes of a host in previous scanning, including its addresses and fingerprint, to identify that host again. The mutations are generated through formal definition and modeling the problem. Using a red teaming evaluation with a group of white-hat hackers, we evaluated our five-dimensional defense model and compared its effectiveness with alternative and competing scenarios. These experiments as well as our analytical evaluation show that by anonymizing all identifying attributes of a host/honeypot over time, HIDE is able to significantly complicate reconnaissance, even for highly skilled human attackers.
Citations: 28

A Cyber Mutation: Metrics, Techniques and Future Directions
Proceedings of the 2016 ACM Workshop on Moving Target Defense Pub Date: 2016-10-24 DOI: 10.1145/2995272.2995285
E. Al-Shaer
Abstract: After decades of cyber warfare, it is well-known that the static and predictable behavior of cyber configuration provides a great advantage to adversaries to plan and launch their attack successfully. At the same time, as cyber attacks are getting highly stealthy and more sophisticated, their detection and mitigation become much harder and expensive. We developed a new foundation for moving target defense (MTD) based on cyber mutation, as a new concept in cybersecurity to reverse this asymmetry in cyber warfare by embedding agility into cyber systems. Cyber mutation enables cyber systems to automatically change their configuration parameters in an unpredictable, safe and adaptive manner in order to proactively achieve one or more of the following MTD goals: (1) deceiving attackers from reaching their goals, (2) disrupting their plans via changing adversarial behaviors, and (3) deterring adversaries by prohibitively increasing the attack effort and cost. In this talk, we will present the formal foundations, metrics and framework for developing effective cyber mutation techniques. The talk will also review several examples of developed techniques including Random Host Mutation, Random Route Mutation, fingerprinting mutation, and mutable virtual networks. The talk will also address the evaluation and lessons learned for advancing the future research in this area.
Citations: 0

Proceedings of the 2016 ACM Workshop on Moving Target Defense
Proceedings of the 2016 ACM Workshop on Moving Target Defense Pub Date: 2016-10-24 DOI: 10.1145/2995272
Peng Liu, Cliff X. Wang
Abstract: It is our great pleasure to welcome you to the 2016 MTD (Moving Target Defense) Workshop. This workshop seeks to bring together researchers from academia, government, and industry to report on the latest results on moving-target defense research, and to have productive discussion and constructive debate on this topic. The workshop is a single day event co-located with the 2016 ACM Conference on Computer and Communications Security (ACM CCS). Out of a total of 26 submissions from Asia, Europe, and North America, we accepted 9 regular papers and 2 short papers. In addition, we have accepted one system demo.
We also encourage attendees to attend the keynote and invited talk presentations. These valuable and insightful talks will give us a better understanding of the future:
A Cyber Mutation: Metrics, Techniques and Future Directions, Ehab Al-Shaer (who is currently at UNC Charlotte)
Moving Target Defense - A Journey from Idea to Product, Jason Li (who is currently at Intelligent Automation, Inc.)
Citations: 1

Session details: Keynote Talk
Proceedings of the 2016 ACM Workshop on Moving Target Defense Pub Date: 2016-10-24 DOI: 10.1145/3257181
Peng Liu
Citations: 0