首页 > 最新文献

Proceedings of the Second ACM Workshop on Moving Target Defense最新文献

英文 中文
Session details: MTD Modeling and Evaluation I (regular papers) 会议详情:MTD建模与评估I(常规论文)
Pub Date : 2015-10-12 DOI: 10.1145/3253884
Xinming Ou
{"title":"Session details: MTD Modeling and Evaluation I (regular papers)","authors":"Xinming Ou","doi":"10.1145/3253884","DOIUrl":"https://doi.org/10.1145/3253884","url":null,"abstract":"","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84224414","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DHT Blind Rendezvous for Session Establishment in Network Layer Moving Target Defenses 网络层移动目标防御中会话建立的DHT盲交会
Pub Date : 2015-10-12 DOI: 10.1145/2808475.2808477
Christopher Morrell, R. Moore, R. Marchany, J. Tront
This paper introduces a new method of securely exchanging information through a moving blind rendezvous by leveraging the size and distributed nature of BitTorrent Mainline Distributed Hash Table (DHT) in order to bootstrap a connection between nodes in a network layer moving target defense (MTD) system. Specifically we demonstrate an implementation of this scheme integrated with an existing MTD implemented in the IPv6 space: the Moving Target IPv6 Defense (MT6D). We show how MT6D peers can use this protocol to exchange configuration information, allowing them to locate other nodes as they move around the Internet, and how they can securely establish connections and related association parameters with no prior knowledge of the other party's network state. We require a minimal amount of pre-shared information between nodes; only that peers have access to public key information. This scheme enables mobility for peers within the MT6D protocol, allows dynamically changing configurations, and allows an MT6D server to scale to supporting many clients without a quadratic explosion in the number of secret keys which need to be maintained.
本文介绍了一种利用BitTorrent主流分布式哈希表(DHT)的大小和分布式特性,通过移动盲交会安全交换信息的新方法,以引导网络层移动目标防御(MTD)系统中节点之间的连接。具体来说,我们演示了该方案与IPv6空间中实现的现有MTD集成的实现:移动目标IPv6防御(MT6D)。我们展示了MT6D对等体如何使用该协议交换配置信息,允许它们在互联网上移动时定位其他节点,以及它们如何在不事先了解另一方网络状态的情况下安全地建立连接和相关关联参数。我们要求节点之间的预共享信息最少;只有对等方才能访问公钥信息。该方案支持MT6D协议内的对等体的移动性,允许动态更改配置,并允许MT6D服务器扩展以支持许多客户端,而无需在需要维护的密钥数量上出现二次爆炸。
{"title":"DHT Blind Rendezvous for Session Establishment in Network Layer Moving Target Defenses","authors":"Christopher Morrell, R. Moore, R. Marchany, J. Tront","doi":"10.1145/2808475.2808477","DOIUrl":"https://doi.org/10.1145/2808475.2808477","url":null,"abstract":"This paper introduces a new method of securely exchanging information through a moving blind rendezvous by leveraging the size and distributed nature of BitTorrent Mainline Distributed Hash Table (DHT) in order to bootstrap a connection between nodes in a network layer moving target defense (MTD) system. Specifically we demonstrate an implementation of this scheme integrated with an existing MTD implemented in the IPv6 space: the Moving Target IPv6 Defense (MT6D). We show how MT6D peers can use this protocol to exchange configuration information, allowing them to locate other nodes as they move around the Internet, and how they can securely establish connections and related association parameters with no prior knowledge of the other party's network state. We require a minimal amount of pre-shared information between nodes; only that peers have access to public key information. This scheme enables mobility for peers within the MT6D protocol, allows dynamically changing configurations, and allows an MT6D server to scale to supporting many clients without a quadratic explosion in the number of secret keys which need to be maintained.","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":"107 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86839684","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Optimal Defense Policies for Partially Observable Spreading Processes on Bayesian Attack Graphs 贝叶斯攻击图上部分可观察扩散过程的最优防御策略
Pub Date : 2015-10-12 DOI: 10.1145/2808475.2808482
Erik Miehling, M. Rasouli, D. Teneketzis
The defense of computer networks from intruders is becoming a problem of great importance as networks and devices become increasingly connected. We develop an automated approach to defending a network against continuous attacks from intruders, using the notion of Bayesian attack graphs to describe how attackers combine and exploit system vulnerabilities in order to gain access and progress through a network. We assume that the attacker follows a probabilistic spreading process on the attack graph and that the defender can only partially observe the attacker's capabilities at any given time. This leads to the formulation of the defender's problem as a partially observable Markov decision process (POMDP). We define and compute optimal defender countermeasure policies, which describe the optimal countermeasure action to deploy given the current information.
随着网络和设备的连接日益紧密,计算机网络的防御已成为一个非常重要的问题。我们开发了一种自动化的方法来保护网络免受入侵者的持续攻击,使用贝叶斯攻击图的概念来描述攻击者如何结合和利用系统漏洞,以便通过网络获得访问和进展。我们假设攻击者在攻击图上遵循概率扩散过程,并且防御者在任何给定时间只能部分地观察到攻击者的能力。这导致将防守者的问题表述为部分可观察的马尔可夫决策过程(POMDP)。我们定义并计算了最优防御对策策略,该策略描述了在给定当前信息的情况下部署的最优对策行动。
{"title":"Optimal Defense Policies for Partially Observable Spreading Processes on Bayesian Attack Graphs","authors":"Erik Miehling, M. Rasouli, D. Teneketzis","doi":"10.1145/2808475.2808482","DOIUrl":"https://doi.org/10.1145/2808475.2808482","url":null,"abstract":"The defense of computer networks from intruders is becoming a problem of great importance as networks and devices become increasingly connected. We develop an automated approach to defending a network against continuous attacks from intruders, using the notion of Bayesian attack graphs to describe how attackers combine and exploit system vulnerabilities in order to gain access and progress through a network. We assume that the attacker follows a probabilistic spreading process on the attack graph and that the defender can only partially observe the attacker's capabilities at any given time. This leads to the formulation of the defender's problem as a partially observable Markov decision process (POMDP). We define and compute optimal defender countermeasure policies, which describe the optimal countermeasure action to deploy given the current information.","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":"9 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77243728","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 75
Characterizing Network-Based Moving Target Defenses 基于网络的移动目标防御特征
Pub Date : 2015-10-12 DOI: 10.1145/2808475.2808484
Marc Green, D. C. MacFarland, Doran R. Smestad, Craig A. Shue
The moving target defense (MTD) strategy allows defenders to limit the effectiveness of attacker reconnaissance and exploitation. Many academic works have created MTDs in different deployment environments. However, network-based MTDs (NMTDs) share key components and properties that determine their effectiveness. In this work, we identify and define seven properties common to NMTDs which are key to ensuring the effectiveness of the approach. We then evaluate four NMTD systems using these properties and found two or more key concerns for each of the systems. This analysis shows that these properties may help guide developers of new NMTD systems by guiding the evaluation of these systems and can be used by others as a rubric to assess the strengths and limitations of each NMTD approach.
移动目标防御(MTD)策略允许防御者限制攻击者侦察和利用的有效性。许多学术著作都在不同的部署环境中创建了mtd。然而,基于网络的mtd (nmtd)共享决定其有效性的关键组件和属性。在这项工作中,我们确定并定义了nmtd的七个共同属性,这些属性是确保该方法有效性的关键。然后我们使用这些属性评估了四个NMTD系统,并为每个系统找到了两个或更多的关键关注点。这个分析表明,这些属性可以通过指导这些系统的评估来帮助指导新的NMTD系统的开发人员,并且可以被其他人用作评估每种NMTD方法的优点和局限性的标题。
{"title":"Characterizing Network-Based Moving Target Defenses","authors":"Marc Green, D. C. MacFarland, Doran R. Smestad, Craig A. Shue","doi":"10.1145/2808475.2808484","DOIUrl":"https://doi.org/10.1145/2808475.2808484","url":null,"abstract":"The moving target defense (MTD) strategy allows defenders to limit the effectiveness of attacker reconnaissance and exploitation. Many academic works have created MTDs in different deployment environments. However, network-based MTDs (NMTDs) share key components and properties that determine their effectiveness. In this work, we identify and define seven properties common to NMTDs which are key to ensuring the effectiveness of the approach. We then evaluate four NMTD systems using these properties and found two or more key concerns for each of the systems. This analysis shows that these properties may help guide developers of new NMTD systems by guiding the evaluation of these systems and can be used by others as a rubric to assess the strengths and limitations of each NMTD approach.","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":"8 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87339185","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 27
Proceedings of the Second ACM Workshop on Moving Target Defense 第二届美国计算机学会移动目标防御研讨会论文集
Pub Date : 2015-10-12 DOI: 10.1145/2808475
G. Cybenko, Dijiang Huang
It is our great pleasure to welcome you to the 2015 ACM Workshop on Moving Target Defense -- MTD'15. This year's MTD workshop continues its tradition of being the premier forum for presentation of research results and experience reports on leading edge issues of access control, nincluding models, systems, applications, and theory. The mission of the symposium is to share novel access control solutions that fulfill the needs of heterogeneous applications and environments and identify new directions for future research and development. ACRONYM gives researchers and practitioners a unique opportunity to share their perspectives with others interested in the various aspects of access control. The call for papers attracted submissions from Asia, Europe, and United States. Submissions are from both industry and academia. The workshop received 19 submissions. Each submitted paper has at least 3 review comments from TPC members. The program committee reviewed and accepted the following: Full Technical Papers submitted 19, accepted 8 Short Experience Reports submitted 19, accepted 4 We also encourage attendees to attend the keynote and invited talk presentations. These valuable and insightful talks can and will guide us to a better understanding of the future: From Fine Grained Code Diversity to Execute-Only-Memory: The Cat and Mouse Game Between Attackers and Defenders Continues, Michael Franz, (University of California, Irvine) Getting Beyond Tit for Tat: Better Strategies for Moving Target Prototyping and Evaluation, Hamed Okhravi (MIT Lincoln Laboratory))
我们非常高兴地欢迎您参加2015年ACM移动目标防御研讨会- MTD'15。今年的MTD研讨会延续了其传统,即作为介绍访问控制前沿问题(不包括模型、系统、应用和理论)的研究成果和经验报告的主要论坛。研讨会的任务是分享满足异构应用和环境需求的新颖访问控制解决方案,并确定未来研究和发展的新方向。ACRONYM为研究人员和从业者提供了一个独特的机会,可以与对访问控制的各个方面感兴趣的其他人分享他们的观点。论文征集活动吸引了来自亚洲、欧洲和美国的投稿。参赛作品来自工业界和学术界。工作坊共收到19份意见书。每篇提交的论文至少有3条TPC成员的评审意见。项目委员会审查并接受了以下内容:提交的完整技术论文19篇,接受8篇,提交的简短经验报告19篇,接受4篇。我们还鼓励与会者参加主题演讲和邀请演讲。这些有价值和有见地的谈话可以并将引导我们更好地理解未来:从细粒度代码多样性到仅执行内存:攻击者和防御者之间的猫鼠游戏继续,Michael Franz,(加州大学欧文分校)超越针锋相对:移动目标原型和评估的更好策略,Hamed Okhravi(麻省理工学院林肯实验室))
{"title":"Proceedings of the Second ACM Workshop on Moving Target Defense","authors":"G. Cybenko, Dijiang Huang","doi":"10.1145/2808475","DOIUrl":"https://doi.org/10.1145/2808475","url":null,"abstract":"It is our great pleasure to welcome you to the 2015 ACM Workshop on Moving Target Defense -- MTD'15. This year's MTD workshop continues its tradition of being the premier forum for presentation of research results and experience reports on leading edge issues of access control, nincluding models, systems, applications, and theory. The mission of the symposium is to share novel access control solutions that fulfill the needs of heterogeneous applications and environments and identify new directions for future research and development. ACRONYM gives researchers and practitioners a unique opportunity to share their perspectives with others interested in the various aspects of access control. \u0000 \u0000The call for papers attracted submissions from Asia, Europe, and United States. Submissions are from both industry and academia. The workshop received 19 submissions. Each submitted paper has at least 3 review comments from TPC members. The program committee reviewed and accepted the following: \u0000Full Technical Papers submitted 19, accepted 8 \u0000Short Experience Reports submitted 19, accepted 4 \u0000 \u0000 \u0000 \u0000We also encourage attendees to attend the keynote and invited talk presentations. These valuable and insightful talks can and will guide us to a better understanding of the future: \u0000From Fine Grained Code Diversity to Execute-Only-Memory: The Cat and Mouse Game Between Attackers and Defenders Continues, Michael Franz, (University of California, Irvine) \u0000Getting Beyond Tit for Tat: Better Strategies for Moving Target Prototyping and Evaluation, Hamed Okhravi (MIT Lincoln Laboratory))","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":"59 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76017259","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Software Protection with Code Mobility 具有代码移动性的软件保护
Pub Date : 2015-10-12 DOI: 10.1145/2808475.2808481
Alessandro Cabutto, P. Falcarin, Bert Abrath, Bart Coppens, B. D. Sutter
The analysis of binary code is a common step of Man-At-The-End attacks to identify code sections crucial to implement attacks, such as identifying private key hidden in the code, identifying sensitive algorithms or tamper with the code to disable protections (e.g. license checks or DRM) embedded in binary code, or use the software in an unauthorized manner. Code Mobility can be used to thwart code analysis and debugging by removing parts of the code from the deployed software program and installing it at run-time by downloading binary code blocks from a trusted server. The proposed architecture of the code mobility protection downloads mobile code blocks, which are allocated dynamically at addresses determined at run-time; control transfers into and out of mobile code blocks are rewritten using the Diablo binary-rewriter tool.
二进制代码的分析是人在终端攻击的一个常见步骤,以识别代码段的关键实现攻击,如识别隐藏在代码中的私钥,识别敏感算法或篡改代码禁用保护(如许可证检查或DRM)嵌入二进制代码,或以未经授权的方式使用软件。代码迁移可用于阻止代码分析和调试,方法是从已部署的软件程序中删除部分代码,并在运行时通过从可信服务器下载二进制代码块进行安装。提出的代码移动性保护体系结构下载移动代码块,这些代码块在运行时确定的地址上动态分配;进出移动代码块的控制传输使用Diablo二进制重写工具进行重写。
{"title":"Software Protection with Code Mobility","authors":"Alessandro Cabutto, P. Falcarin, Bert Abrath, Bart Coppens, B. D. Sutter","doi":"10.1145/2808475.2808481","DOIUrl":"https://doi.org/10.1145/2808475.2808481","url":null,"abstract":"The analysis of binary code is a common step of Man-At-The-End attacks to identify code sections crucial to implement attacks, such as identifying private key hidden in the code, identifying sensitive algorithms or tamper with the code to disable protections (e.g. license checks or DRM) embedded in binary code, or use the software in an unauthorized manner. Code Mobility can be used to thwart code analysis and debugging by removing parts of the code from the deployed software program and installing it at run-time by downloading binary code blocks from a trusted server. The proposed architecture of the code mobility protection downloads mobile code blocks, which are allocated dynamically at addresses determined at run-time; control transfers into and out of mobile code blocks are rewritten using the Diablo binary-rewriter tool.","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":"16 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90546318","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
A Theory of Cyber Attacks: A Step Towards Analyzing MTD Systems 网络攻击理论:迈向MTD系统分析的一步
Pub Date : 2015-10-12 DOI: 10.1145/2808475.2808478
Rui Zhuang, Alexandru G. Bardas, S. DeLoach, Xinming Ou
Moving Target Defenses (MTD) have been touted as a game changing approach to computer security that eliminates the static nature of current computer systems -- an attacker's biggest advantage. While promising, the dynamism of MTD introduces challenges related to understanding and quantifying the impact of MTD systems on security, users, and attackers. To analyze this impact, both the concepts of MTD systems and cyber attacks must be formalized. While a theory of MTD systems was proposed in [18], this paper presents a theory of cyber attacks that supports the understanding and analysis of the interaction between MTD systems and the attacks they hope to thwart. The theory defines key concepts that support precise discussion of attacker knowledge, attack types, and attack instances. The paper also presents concrete examples to show how these definitions and concepts can be used in realistic scenarios.
移动目标防御(MTD)被吹捧为一种改变计算机安全的方法,它消除了当前计算机系统的静态特性——攻击者的最大优势。虽然很有希望,但MTD的动态性带来了与理解和量化MTD系统对安全性、用户和攻击者的影响相关的挑战。为了分析这种影响,MTD系统和网络攻击的概念都必须形式化。虽然在[18]中提出了MTD系统的理论,但本文提出了一种网络攻击理论,该理论支持对MTD系统与它们希望阻止的攻击之间相互作用的理解和分析。该理论定义了支持对攻击者知识、攻击类型和攻击实例进行精确讨论的关键概念。本文还提供了具体的例子来说明这些定义和概念如何在现实场景中使用。
{"title":"A Theory of Cyber Attacks: A Step Towards Analyzing MTD Systems","authors":"Rui Zhuang, Alexandru G. Bardas, S. DeLoach, Xinming Ou","doi":"10.1145/2808475.2808478","DOIUrl":"https://doi.org/10.1145/2808475.2808478","url":null,"abstract":"Moving Target Defenses (MTD) have been touted as a game changing approach to computer security that eliminates the static nature of current computer systems -- an attacker's biggest advantage. While promising, the dynamism of MTD introduces challenges related to understanding and quantifying the impact of MTD systems on security, users, and attackers. To analyze this impact, both the concepts of MTD systems and cyber attacks must be formalized. While a theory of MTD systems was proposed in [18], this paper presents a theory of cyber attacks that supports the understanding and analysis of the interaction between MTD systems and the attacks they hope to thwart. The theory defines key concepts that support precise discussion of attacker knowledge, attack types, and attack instances. The paper also presents concrete examples to show how these definitions and concepts can be used in realistic scenarios.","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":"33 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84151516","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 47
To Be Proactive or Not: A Framework to Model Cyber Maneuvers for Critical Path Protection in MANETs 主动或不主动:一个框架模型网络机动的关键路径保护在manet
Pub Date : 2015-10-12 DOI: 10.1145/2808475.2808479
Zhuo Lu, L. Marvel, Cliff X. Wang
Recently, proactive strategies have received much attention as they make a system more dynamic and difficult to predict, therefore reducing the impact of adversary attacks. In this paper, we aim at modeling and evaluating the effectiveness of proactive cyber maneuvers to protect the critical path between a source-destination pair for mission operations in a mobile ad-hoc network (MANET) in the presence of an adversary. We propose a generic framework to analytically model cyber maneuvers and define their associated utilities. With the proposed framework, we develop the optimal solution to maximize the lifetime of the critical path with security assurance. We find that sufficient statistical information in the network is vital for the network defender to be proactive, choose the best cyber maneuvers to protect the critical path, and consequently outperform conventional reactive strategies. We also use simulations to validate the effectiveness of our solution.
最近,主动策略受到了很多关注,因为它们使系统更加动态和难以预测,因此减少了对手攻击的影响。在本文中,我们的目标是建模和评估主动网络机动的有效性,以保护在对手存在的移动自组织网络(MANET)中任务操作的源-目的地对之间的关键路径。我们提出了一个通用的框架来分析模拟网络演习,并定义其相关的效用。利用所提出的框架,我们开发了最优解决方案,以最大限度地延长关键路径的生命周期,并保证安全。我们发现,网络中足够的统计信息对于网络防御者积极主动,选择最佳网络机动来保护关键路径,从而优于传统的反应策略至关重要。我们还使用仿真来验证我们的解决方案的有效性。
{"title":"To Be Proactive or Not: A Framework to Model Cyber Maneuvers for Critical Path Protection in MANETs","authors":"Zhuo Lu, L. Marvel, Cliff X. Wang","doi":"10.1145/2808475.2808479","DOIUrl":"https://doi.org/10.1145/2808475.2808479","url":null,"abstract":"Recently, proactive strategies have received much attention as they make a system more dynamic and difficult to predict, therefore reducing the impact of adversary attacks. In this paper, we aim at modeling and evaluating the effectiveness of proactive cyber maneuvers to protect the critical path between a source-destination pair for mission operations in a mobile ad-hoc network (MANET) in the presence of an adversary. We propose a generic framework to analytically model cyber maneuvers and define their associated utilities. With the proposed framework, we develop the optimal solution to maximize the lifetime of the critical path with security assurance. We find that sufficient statistical information in the network is vital for the network defender to be proactive, choose the best cyber maneuvers to protect the critical path, and consequently outperform conventional reactive strategies. We also use simulations to validate the effectiveness of our solution.","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":"58 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78475156","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Adaptive Just-In-Time Code Diversification 自适应即时代码多样化
Pub Date : 2015-10-12 DOI: 10.1145/2808475.2808487
Abhinav Jangda, Mohit Mishra, B. D. Sutter
We present a method to regenerate diversified code dynamically in a Java bytecode JIT compiler, and to update the diversification frequently during the execution of the program. This way, we can significantly reduce the time frame in which attackers can let a program leak useful address space information and subsequently use the leaked information in memory exploits. A proof of concept implementation is evaluated, showing that even though code is recompiled frequently, we can achieved smaller overheads than the previous state of the art, which generated diversity only once during the whole execution of a program.
提出了一种在Java字节码JIT编译器中动态再生多样化代码的方法,并在程序执行过程中频繁更新多样化代码。通过这种方式,我们可以显著减少攻击者让程序泄漏有用地址空间信息并随后在内存攻击中使用泄漏信息的时间范围。评估了概念实现的证明,表明即使代码频繁重新编译,我们也可以实现比以前的技术状态更小的开销,在整个程序执行过程中只产生一次多样性。
{"title":"Adaptive Just-In-Time Code Diversification","authors":"Abhinav Jangda, Mohit Mishra, B. D. Sutter","doi":"10.1145/2808475.2808487","DOIUrl":"https://doi.org/10.1145/2808475.2808487","url":null,"abstract":"We present a method to regenerate diversified code dynamically in a Java bytecode JIT compiler, and to update the diversification frequently during the execution of the program. This way, we can significantly reduce the time frame in which attackers can let a program leak useful address space information and subsequently use the leaked information in memory exploits. A proof of concept implementation is evaluated, showing that even though code is recompiled frequently, we can achieved smaller overheads than the previous state of the art, which generated diversity only once during the whole execution of a program.","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":"8 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84215115","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Session details: MTD Modeling and Evaluation II 会议细节:MTD建模和评估II
Pub Date : 2015-10-12 DOI: 10.1145/3253887
Zhou Lu
{"title":"Session details: MTD Modeling and Evaluation II","authors":"Zhou Lu","doi":"10.1145/3253887","DOIUrl":"https://doi.org/10.1145/3253887","url":null,"abstract":"","PeriodicalId":20578,"journal":{"name":"Proceedings of the Second ACM Workshop on Moving Target Defense","volume":"51 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74123227","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
期刊
Proceedings of the Second ACM Workshop on Moving Target Defense
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1