SCIT Based Moving Target Defense Reduces and Shifts Attack Surface

Ajay Nagarajan, Arun Sood

2014

Abstract

The current approach to security is based on perimeter defense and relies on reactive systems such as firewalls and intrusion detection and prevention systems. These systems require a priori information about attacks and vulnerabilities. McAfee reports identifying 100,000 new unique malware samples each day, so trying to prevent every intrusion is becoming impractical. Although it is difficult to model and predict an attacker's moves, a defender can make the attacker's task harder by adopting proactive Moving Target Defense (MTD) strategies. In this paper, we present SCIT (Self-Cleansing Intrusion Tolerance), our MTD approach, and use attack surface assessment to evaluate it. A system's attack surface is the subset of its resources that an attacker can use to attack the system. Manadhata uses attack surface reduction and shifting as a means of assessing MTD. In this paper, we compare the dynamically changing attack surface for three system architectures: (1) static systems; (2) Basic-SCIT; and (3) Diverse-SCIT.
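The comparison the abstract describes can be made concrete with a small simulation. The following is an added illustration, not the paper's model or code: it assumes SCIT periodically restores a server to a pristine image (Basic-SCIT) or cycles through differently built images (Diverse-SCIT), weights each resource by Manadhata's damage-potential over attacker-effort ratio, and lets one unit-weight resource (cached credentials, sessions, an attacker's foothold) accrue per slot of uptime. The images, weights, rotation period and the attacker's target set are all constructed assumptions chosen so that the two images have equal total weight; any difference between Basic-SCIT and Diverse-SCIT then comes from shifting the surface, while the difference between the static system and either SCIT variant comes from reducing it.

```python
"""Toy simulation of attack-surface reduction and shifting under SCIT-style
rotation. Added illustration, not the paper's model; all values are constructed."""
from dataclasses import dataclass
from typing import Optional, Sequence


@dataclass(frozen=True)
class Resource:
    """One attack-surface resource (an entry point, channel or data item)."""
    name: str
    damage_potential: int   # constructed 1-10 scale
    attacker_effort: int    # constructed 1-10 scale

    def contribution(self) -> float:
        # Manadhata weights each resource by damage potential over attacker effort.
        return self.damage_potential / self.attacker_effort


def attack_surface(resources: Sequence[Resource]) -> float:
    """Attack surface measurement: the sum of the resources' contributions."""
    return sum(r.contribution() for r in resources)


# Constructed base images. Image B is a diverse replacement with the same total
# weight as image A, so it shifts the surface without shrinking it.
IMAGE_A = (Resource("sshd", 3, 3), Resource("httpd", 4, 2), Resource("admin_panel", 6, 3))
IMAGE_B = (Resource("sshd", 3, 3), Resource("nginx", 4, 2), Resource("admin_panel_v2", 6, 3))


def runtime_state(uptime_slots: int) -> tuple:
    """Resources that accrue while a server keeps running (sessions, cached
    credentials, an attacker's foothold). Constructed: one unit weight per slot."""
    return tuple(Resource(f"runtime_state_{i}", 1, 1) for i in range(uptime_slots))


def simulate(images: Sequence[Sequence[Resource]], period: Optional[int], slots: int) -> list:
    """Per-slot resource sets for one architecture.

    period=None, one image   -> static system (never reset)
    period=k,    one image   -> Basic-SCIT (reset to the same pristine image every k slots)
    period=k,    many images -> Diverse-SCIT (reset every k slots, cycling through images)
    """
    timeline = []
    for t in range(slots):
        uptime = t if period is None else t % period
        rotation = 0 if period is None else t // period
        base = images[rotation % len(images)]
        timeline.append(tuple(base) + runtime_state(uptime))
    return timeline


def mean_surface(timeline) -> float:
    """Average attack surface over the simulated slots (reduction metric)."""
    return sum(attack_surface(s) for s in timeline) / len(timeline)


def shifts(timeline) -> int:
    """Slots at which the set of base resources differs from the previous slot (shift metric)."""
    names = [frozenset(r.name for r in s if not r.name.startswith("runtime_state"))
             for s in timeline]
    return sum(1 for a, b in zip(names, names[1:]) if a != b)


def max_exposure_window(timeline, targets: set, period: Optional[int]) -> int:
    """Longest run of consecutive slots, uninterrupted by a reset, during which every
    resource the attacker holds an exploit for is present on the server."""
    best = run = 0
    for t, s in enumerate(timeline):
        if period is not None and t % period == 0:
            run = 0                       # self-cleansing wipes any progress so far
        present = targets <= {r.name for r in s}
        run = run + 1 if present else 0
        best = max(best, run)
    return best


if __name__ == "__main__":
    SLOTS = 6
    ATTACKER_TARGETS = {"httpd"}          # attacker has an exploit for image A's web server only
    for label, images, period in [("Static", [IMAGE_A], None),
                                  ("Basic-SCIT", [IMAGE_A], 2),
                                  ("Diverse-SCIT", [IMAGE_A, IMAGE_B], 2)]:
        tl = simulate(images, period, SLOTS)
        print(f"{label:13s} mean surface={mean_surface(tl):.2f}  shifts={shifts(tl)}  "
              f"max exposure window={max_exposure_window(tl, ATTACKER_TARGETS, period)} slots")
```

In this model the static system's surface grows without bound as state accumulates, Basic-SCIT caps it by resetting every period but leaves the attacker's target present in every slot, and Diverse-SCIT keeps the same cap while also removing the target for whole rotations, which is the reduction-versus-shifting distinction the paper evaluates. Real measurements would replace the constructed weights with the entry points, channels and data items of the actual images.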

References

  1. McAfee, "Infographic: The State of Malware 2013".
  2. Verizon Business, "Data Breach Investigations Report 2013".
  3. Mandiant, "APT1: Exposing One of China's Cyber Espionage Units", report.
  4. David Evans, Anh Nguyen-Tuong and John Knight, "Effectiveness of Moving Target Defenses", Chapter 2 in Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, 2011.
  5. Ajay Nagarajan and Arun Sood, "SCIT and IDS Architectures for Reduced Data Exfiltration", 4th Workshop on Recent Advances in Intrusion-Tolerant Systems, Chicago, USA, June 2010.
  6. Yih Huang, David Arsenault and Arun Sood, "Incorruptible System Self-Cleansing for Intrusion Tolerance", IEEE International Performance, Computing and Communications Conference (IPCCC), 2006.
  7. Quyen L. Nguyen and Arun Sood, "Comparative Analysis of Intrusion-Tolerant System Architectures", IEEE Security and Privacy, preprint, accepted for publication August 2010.
  8. P. K. Manadhata, "An Attack Surface Metric", Ph.D. thesis, Carnegie Mellon University, 2008.
  9. P. K. Manadhata, "Game Theoretic Approaches to Attack Surface Shifting", in Moving Target Defense II.
  10. Awad A. Younis and Yashwant K. Malaiya, "Relationship between Attack Surface and Vulnerability Density: A Case Study on Apache HTTP Server", 2012 International Conference on Internet Computing, Las Vegas, USA, July 2012.
  11. James E. Just et al., "Learning Unknown Attacks - A Start", Foundations of Intrusion Tolerant Systems, pp. 374-386, 2003.
  12. Ajay Nagarajan and Arun K. Sood, "Measuring Work Factor in a Moving Target Host Architecture", presentation at the Workshop on Multi-spectrum Metrics for Cyber Defense, CSAIL, MIT, Boston, USA, October 2013.
  13. Microsoft, Attack Surface Analyzer. http://www.microsoft.com/en-us/download/details.aspx?id=24487


Paper Citation


in Harvard Style

Nagarajan A. and Sood A. (2014). SCIT Based Moving Target Defense Reduces and Shifts Attack Surface. In Proceedings of the 11th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2014) ISBN 978-989-758-031-4, pages 14-25. DOI: 10.5220/0004978300140025


in Bibtex Style

@conference{wosis14,
author={Ajay Nagarajan and Arun Sood},
title={SCIT Based Moving Target Defense Reduces and Shifts Attack Surface},
booktitle={Proceedings of the 11th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2014)},
year={2014},
pages={14-25},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004978300140025},
isbn={978-989-758-031-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2014)
TI - SCIT Based Moving Target Defense Reduces and Shifts Attack Surface
SN - 978-989-758-031-4
AU - Nagarajan A.
AU - Sood A.
PY - 2014
SP - 14
EP - 25
DO - 10.5220/0004978300140025