Design, implementation and experiments for Moving Target Defense

Abstract

The traditional defensive security strategy for distributed systems is to safeguard against malicious activities and prevent attackers from gaining control of the system. The strategy employs well-established defensive techniques such as perimeter-based firewalls, redundancy and replication, and encryption. However, given sufficient time and resources, all these methods can be defeated by advanced adversaries. To address this issue, this dissertation proposes an attack-resilient framework that employs a novel defensive security strategy to reduce or eliminate the need to keep one step ahead of sophisticated attacks. The core of our defensive strategy is to transform systems to narrow the window of their vulnerability from hours/days to minutes/seconds. This is achieved by controlling the system runtime execution in time and space through diversification and randomization as a means of shifting the perception of the attackers’ gain-loss balance. The goal of this defensive strategy, commonly referred to as Moving Target Defense (MTD), is to increase the cost of an attack on a system and to lower the likelihood of success and the perceived benefit of compromising it. The proposed defensive security paradigm is covered in five chapters: Chapter 1 introduces the framework and its core building blocks, then highlights the key contributions of the dissertation. Chapter 2 presents a proactive monitoring scheme to safeguard application runtime below the OS. Chapter 3 presents the proposed framework, referred to as Mayflies, a bio-inspired MTD framework for distributed systems, and discusses the formal model, design, implementation and algorithms. In Chapters 4 and 5, we show the effectiveness of the proposed framework with two classes of widely adopted replicated systems: quorum-based Byzantine Fault-Tolerant and Event-based Publish and Subscribe, deployed on a private cloud platform with special emphasis on their resiliency to attacks and performance impact.

Purdue E-Pubs

Last time updated on 25/02/2017

This paper was published in Purdue E-Pubs.
