ChameleonSoft: A Moving Target Defense System

Azab, Mohamed; Hassan, Riham; Eltoweissy, Mohamed

doi:10.4108/icst.collaboratecom.2011.247115

Cited by 30 publications

(21 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It maximizes the unpredictability by solving the optimal graph-coloring problem. Azab et al [91] proposed bionics-based software diversification for complex applications. It segments complex software into smaller tasks.…”

Section: Single-layer Mtdmentioning

confidence: 99%

Moving Target Defense Techniques: A Survey

Cheng

Zhang

Jian-cheng

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

As an active defense technique to change asymmetry in cyberattack-defense confrontation, moving target defense research has become one of the hot spots. In order to gain better understanding of moving target defense, background knowledge and inspiration are expounded at first. Based on it, the concept of moving target defense is analyzed. Secondly, literature analysis method is adopted to explain the design principles and system architecture of moving target defense. In addition, some relevant key techniques are introduced from the aspects of strategy generation, shuffling implementation, and performance evaluation. After that, the applications of moving target defense in different network architectures are illustrated. Finally, existing problems and future trend in this field are elaborated so as to provide a basis for further study.

show abstract

Section: Single-layer Mtdmentioning

confidence: 99%

Moving Target Defense Techniques: A Survey

Cheng

Zhang

Jian-cheng

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…To be more effective and practical, an MTD system should also be equipped with the reactive ability, which responds to an anomalous event observed or perceived (Carvalho et al, 2012). Currently, some existing mechanisms have been designed with active and reactive abilities simultaneously, such as ChameleonSoft (Azab et al, 2011) and moving attack surface (MAS) (Huang and Ghosh, 2011). In other words, the operation mode of MTDs is no longer consistent with the traditional PPDRR security model; i.e., the introduction of MTD changes the general defense process of traditional defense mechanisms and approaches, and produces a new security model accordingly.…”

Section: Recoverymentioning

confidence: 99%

“…Selection means choosing a new parameter with its value or assigning a new value to the previous moving parameter(s) from its(their) domain(s) through various ways, such as choosing randomly (Roeder and Schneider, 2010;Azab et al, 2011;Jafarian et al, 2012), choosing according to the game theory (Manadhata, 2013; Zhu and Başar, 2013;Carter et al, 2014), and choosing according to the attack behavior observed or the situation of cyber-security (Azab et al, 2011;Huang and Ghosh, 2011;Jia et al, 2013). Replacement is using the selected new parameter with its value or the selected new value to replace the old one.…”

Section: Moving Target Defense Theorymentioning

confidence: 99%

“…In ChameleonSoft (Azab et al, 2011), large missions of a huge software program are divided into small tasks, and each task is assigned to one or more cells that would manually or automatically generate several variants for the task. The variants have different objectives targeting different Zhuang et al (2012) The system resources exposed to attackers (e.g., software, ports) as well as the compromised network resources a Zhu and Başar 2013The set of vulnerabilities exhibited by the system a Peng et al 2014The totality of the target system's externally accessible resources b Huang and Ghosh 2011Taking a virtual server pool with diversity as an example to graphically show the meaning and process of attack surface shifting b Manadhata 2013Defining the notion of attack surface shifting graphically and formally, in which the resources' contribution to the attack surface or the resources' shifting is crucial c Zhuang et al (2014b) (1) Putting forward a vast number of basic definitions to represent what is MTD;…”

Section: Software Transformationsmentioning

confidence: 99%

“…As mentioned in Section 3, attack surface can be viewed as a set of all the properties of the system that can be used for attack. Attack surface reduction means reducing some of the properties, and the usual way to achieve attack surface reduction is to repair some vulnera- (Azab et al, 2011), end-to-end software randomly chosen to replace the current candidate) diversity (Christodorescu et al, 2011), practical software diversification (Pappas et al, 2013), SEM (Cui and Stolfo, 2011), proactive obfuscation (Roeder and Schneider, 2010), HMS (le Goues et al, 2013), NOMAD (Vikram et al, 2013), adaptive JIT code diversification (Jangda et al, 2015), OF-RHM (Jafarian et al, 2012), spatio-temporal address mutation (Jafarian et al, 2014), and MOTAG (Jia et al, 2013) Choosing by rotation (the next candidate is chosen SCIT (Bangalore and Sood, 2009), MAS (Huang and Ghosh, by turns) 2011), and MORE (Thompson et al, 2014) Choosing according to function (the next MT6D (Dunlop et al, 2011), RHM (Al-Shaer et al, 2013), candidate is calculated by a function) MTD-MANETs (Albanese et al, 2013), the SDN shuffle approach (MacFarland and Shue, 2015), the SDN-based frequency-minimal MTD approach (Debroy et al, 2016), and RPAH (Luo et al, 2015) Choosing according to game theory (this method Manadhata (2013), Zhu and Başar (2013), is used to provide a general method for attack and Carter et al (2014) surface shifting, and there can be multiple specific strategies under the guidance of this method) Choosing according to the attack behavior observed Spatio-temporal address mutation (Jafarian et al, 2014), and or perceived (the next candidate is chosen to TALENT (Okhravi et al, 2011b) meet some specific security requirements) * (The next candidate is chosen based on an MTD MTD strategy for cloud-based services (Peng et al, 2014) service deployment strategy proposed by authors) * (The selection probability for each candidate OF-RHM (Jafarian et al, 2012) directly relates to the weight that is associated with each candidate based on a certain criterion) * (The next candidate (new configuration) is chosen…”

Section: Attack Surface Reductionmentioning

confidence: 99%

See 2 more Smart Citations

Moving target defense: state of the art and characteristics

Cai

Wang

et al. 2016

Frontiers Inf Technol Electronic Eng

View full text Add to dashboard Cite

Moving target defense (MTD) has emerged as one of the game-changing themes to alter the asymmetric situation between attacks and defenses in cyber-security. Numerous related works involving several facets of MTD have been published. However, comprehensive analyses and research on MTD are still absent. In this paper, we present a survey on MTD technologies to scientifically and systematically introduce, categorize, and summarize the existing research works in this field. First, a new security model is introduced to describe the changes in the traditional defense paradigm and security model caused by the introduction of MTD. A function-and-movement model is provided to give a panoramic overview on different perspectives for understanding the existing MTD research works. Then a systematic interpretation of published literature is presented to describe the state of the art of the three main areas in the MTD field, namely, MTD theory, MTD strategy, and MTD evaluation. Specifically, in the area of MTD strategy, the common characteristics shared by the MTD strategies to improve system security and effectiveness are identified and extrapolated. Thereafter, the methods to implement these characteristics are concluded. Moreover, the MTD strategies are classified into three types according to their specific goals, and the necessary and sufficient conditions of each type to create effective MTD strategies are then summarized, which are typically one or more of the aforementioned characteristics. Finally, we provide a number of observations for the future direction in this field, which can be helpful for subsequent researchers.

show abstract

Active Defense Techniques

Evans

Horsthemke

2018

Cyber Resilience of Systems and Networks

View full text Add to dashboard Cite

ChameleonSoft: A Moving Target Defense System

Cited by 30 publications

References 18 publications

Moving Target Defense Techniques: A Survey

Moving Target Defense Techniques: A Survey

Moving target defense: state of the art and characteristics

Active Defense Techniques

Contact Info

Product

Resources

About