Machine-oriented biometrics and cocooning for dynamic network defense

Haas, J. H. De; Doak, Justin E.; Hamlet, Jason

doi:10.1145/2459976.2460014

Cited by 2 publications

(1 citation statement)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A specific example of a proactive approach is changing the IP addresses of machines on a network according to some kind of schedule [6]. An example reactive approach is MOB-C, which requires the detection of attempted lateral movement that then triggers "cocooning" or switching a potential adversary from real services to one or more emulated services [7]. Figure 1 shows a potential division of defensive techniques by domain, breaking potential areas of DD application into network-and host-based approaches first.…”

Section: Proactive Vs Reactivementioning

confidence: 99%

Dynamic defense workshop :

Crosby¹,

Doak²,

Haas³

et al. 2013

View full text Add to dashboard Cite

On September 5 th and 6 th , 2012, the Dynamic Defense Workshop: From Research to Practice brought together researchers from academia, industry, and Sandia with the goals of increasing collaboration between Sandia National Laboratories and external organizations, defining and understanding dynamic, or moving target, defense concepts and directions, and gaining a greater understanding of the state of the art for dynamic defense. Through the workshop, we broadened and refined our definition and understanding, identified new approaches to inherent challenges, and defined principles of dynamic defense. Half of the workshop was devoted to presentations of current state-of-the-art work. Presentation topics included areas such as the failure of current defenses, threats, techniques, goals of dynamic defense, theory, foundations of dynamic defense, future directions and open research questions related to dynamic defense. The remainder of the workshop was discussion, which was broken down into sessions on defining challenges, applications to host or mobile environments, applications to enterprise network environments, exploring research and operational taxonomies, and determining how to apply scientific rigor to and investigating the field of dynamic defense.

show abstract

Section: Proactive Vs Reactivementioning

confidence: 99%

Dynamic defense workshop :

Crosby¹,

Doak²,

Haas³

et al. 2013

View full text Add to dashboard Cite

show abstract

Network Randomization and Dynamic Defense for Critical Infrastructure Systems

Chavez

Martin

Hamlet

et al. 2015

View full text Add to dashboard Cite

Critical Infrastructure control systems continue to foster predictable communication paths, static configurations, and unpatched systems that allow easy access to our nation's most critical assets. This makes them attractive targets for cyber intrusion. We seek to address these attack vectors by automatically randomizing network settings, randomizing applications on the end devices themselves, and dynamically defending these systems against active attacks. Applying these protective measures will convert control systems into moving targets that proactively defend themselves against attack. Sandia National Laboratories has led this effort by gathering operational and technical requirements from Tennessee Valley Authority (TVA) and performing research and development to create a proof-of-concept solution. Our proof-of-concept has been tested in a laboratory environment with over 300 nodes. The vision of this project is to enhance control system security by converting existing control systems into moving targets and building these security measures into future systems while meeting the unique constraints that control systems face.

show abstract

Machine-oriented biometrics and cocooning for dynamic network defense

Cited by 2 publications

References 10 publications

Dynamic defense workshop :

Dynamic defense workshop :

Network Randomization and Dynamic Defense for Critical Infrastructure Systems

Contact Info

Product

Resources

About