Upload File

create moving target defense in static networks by learning … · 2012-03-28 · create moving...

  • Home
  • Documents
  • Create Moving Target Defense in Static Networks by Learning … · 2012-03-28 · Create Moving Target Defense in Static Networks by Learning from Botnets Feng Li, Assistant Professor,
1
Create Moving Target Defense in Static Networks by Learning from Botnets Feng Li, Assistant Professor, [email protected] This project will deliver an movingtarget defense (MTD) framework, in which the network configuration constantly evolves to confuse attackers without significantly degrading the quality of service. The MTD framework increases the cost for potential attackers by complicating the attack process and limiting the exposure of network vulnerability, and thus makes the network more resilient against persistent attacks. Moving-Target Defense Example: Operation Ghost Click A botnet with millions of infected computers Crackdown by FBI Why? Static target. Centralized Command and Control (C&C) architecture Poisoning attack by FBI Anticrackdown? Trojan.Peacomm botnet and Storm worm [1]. 1) Dynamic C&C mechanisms; 2) Multiple attack vectors and the strategy of using them; 3) Disruptiontolerant P2P update sharing; 4) Index poisoning prevention . Botnet Lesson Roadmap: Physically static networks Targets of disruptive attacks Movingtarget techniques Success of recent botnets Three major thrusts: Polymorphism: evolving network topology Agility: securitycontextaware opportunistic data exchange Poisoning prevention: dynamic group creation and secret sharing MTD Framwork: Against disruptive attacks Dynamic C&C structure inspires network topological polymorphism Quantitative security exposure measurement Attack exposure measure: accumulated risk of being compromised over time Globally coordinated mechanisms Locally coordinated virtual node mechanism Locally coordinated probabilistic switching mechanism Polymorphism Links are still vulnerable to the network disruptive attacks Single fixed route Locally coordinated opportunistic data forwarding Adaptive relay set selection Probabilistic priority determination Agility Poisoning techniques: A severe threat to the MTD framework Arbitrary subset of nodes a privileged subgroup No online central authority Dynamic secret sharing mechanism based on private polynomial and public values Poisoning prevention [1] T. Holz, M. Steiner, F. Dahl, E. Biersack, and F. Freiling. Measurements and mitigation of peertopeerbased botnets: a case study on storm worm. In Proc. of the 1st Usenix Workshop on LargeScale Exploits and Emergent Threats, 2008. [2] E. AlShaer. Toward network configuration randomization for moving target defense. In Moving Target Defense, volume 54 of Advances in Information Security, pages 153–159. Springer New York, 2011. Botnet Lesson 159-98E.pdf 1 3/28/2012 9:08:00 AM

Upload: others

Post on 26-Mar-2020

0 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Create Moving Target Defense in Static Networks by Learning … · 2012-03-28 · Create Moving Target Defense in Static Networks by Learning from Botnets Feng Li, Assistant Professor,

Create Moving Target Defense in Static Networks by Learning from BotnetsFeng Li, Assistant Professor, [email protected]

This project will deliver an moving‐target defense (MTD)framework, in which the network configuration constantlyevolves to confuse attackers without significantly degradingthe quality of service. The MTD framework increases the costfor potential attackers by complicating the attack process andlimiting the exposure of network vulnerability, and thus makesthe network more resilient against persistent attacks.

Moving-Target Defense

Example: Operation Ghost Click• A botnet with millions of infected computers• Crackdown by FBI

Why? Static target.• Centralized Command and Control (C&C) architecture• Poisoning attack by FBI

Anti‐crackdown? Trojan.Peacomm botnet and Storm worm [1].1) Dynamic C&C mechanisms;2) Multiple attack vectors and the strategy of using them;3) Disruption‐tolerant P2P update sharing;4) Index poisoning prevention .

Botnet Lesson

Roadmap:Physically static networks Targets of disruptive attacks

↑Moving‐target techniques← Success of recent botnets

Three major thrusts:• Polymorphism: evolving network topology• Agility: security‐context‐aware opportunistic data exchange• Poisoning prevention: dynamic group creation and secret

sharing

MTD Framwork: Against disruptive attacks

Dynamic C&C structure inspiresnetwork topological polymorphism

Quantitative security exposure measurement• Attack exposure measure: accumulated risk of being

compromised over time

Globally coordinated mechanismsLocally coordinated virtual node mechanismLocally coordinated probabilistic switching mechanism

Polymorphism

Links are still vulnerable to the network disruptive attacks• Single fixed route

Locally coordinated opportunistic data forwarding• Adaptive relay set selection• Probabilistic priority determination

Agility

Poisoning techniques: A severe threat to the MTD framework

Arbitrary subset of nodes  a privileged subgroupNo online central authority

Dynamic secret sharing mechanism based on private polynomial and public values

Poisoning prevention

[1] T. Holz, M. Steiner, F. Dahl, E. Biersack, and F. Freiling. Measurements and mitigation of peer‐to‐peer‐based botnets: a case study on storm worm. In Proc. of the 1st Usenix Workshop on Large‐Scale Exploits and Emergent Threats, 2008.[2] E. Al‐Shaer. Toward network configuration randomization for moving target defense. In Moving Target Defense, volume 54 of Advances in Information Security, pages 153–159. Springer New York, 2011.

Botnet Lesson

159-98E.pdf 1 3/28/2012 9:08:00 AM

mfocosi
Typewritten Text
2012 - 159-98E - Create Moving Target Defense in Static Networks by Learning from Botnets - Feng Li NS

MOVING THE WEBQUEST PROCESS FROM STATIC TO DYNAMIC ...etd.lib.metu.edu.tr/upload/12608554/index.pdf · moving the webquest process from static to dynamic: preservice teachers’ experience

Realtime Moving Object Detection from a Freely Moving ...€¦ · The solution to the moving object detection and segmen-tation problem will act as a bridge between the static SLAM

MOVING THE WEBQUEST PROCESS FROM STATIC TO …MOVING THE WEBQUEST PROCESS FROM STATIC TO DYNAMIC: ... 4.2.3 What are the views of the participants about designing their WebQuest

Static Electricity · 2020-04-25 · Static Electricity Static Electricity does not flow through wires. — Static means "not moving." If the charge is strong enough, it "jumps" from

Re-Cinematography: Improving the Camera Dynamics of Casual ... · Translate cinematography to implementation Motion should be intentional •Static shots should be static •Moving

Moving from Static to Dynamic General Equilibrium Economic Models

Moving from Defense to Offense - accenture.com

Spatial-Temporal Moving Target Defense: A Markov ... › pdf › 2002.10390.pdfSpatial-Temporal Moving Target Defense: A Markov Stackelberg Game Model Henger Li, Wen Shen, Zizhan Zheng

Luke Wroblewski at BayCHI IxD BOF: Input: Moving Beyond Static Forms

Characterizing the Power of Moving Target Defense via ... · arXiv:1404.6785v1 [cs.SY] 27 Apr 2014 Characterizing the Power of Moving Target Defense via Cyber Epidemic Dynamics Yujuan

3D Lidar-based Static and Moving Obstacle Detection in

Moving Target Defense in Cyber Security

Piecewise-Linear Motion Planning amidst Static, Moving, or

Integrated observing system for recognition and identification of moving and non-moving objects HUNGARIAN MINISTRY OF DEFENSE TECHNOLOGY AGENCY RESEARCH

Optimal Defense Policies for Partiallymiehling.csl.illinois.edu/slides/miehling_MTDWorkshop_2015.pdf · Second ACM Workshop on Moving Target Defense (MTD 2015) Denver, Colorado —

Static and Moving Object Detection Using Flux Tensor with Split

Simulation-based Approaches to Studying Effectiveness of Moving-Target Network Defense

Exploring Static Electricity · a carpet? That kind of electricity is called static electricity. Static Electricity Static is another word for “not moving.” Static electricity

Optimizing a Network Layer Moving Target Defense by

Class 2: Moving Object Detection - andrewsenior.com · 3 Moving Object Detection Problem (Static Camera) Main goal: detecting moving objects from a video sequence of a fixed camera

Moving from static to digital signage - NEC Display Solutions...Here are four key factors that can help an operator successfully deploy a digital signage system. Moving from static

Moving image - brand.pearson.com · Moving image Principles. 127 Pace and movement are key to engaging with your audience. Moving imagery should never be static or rushed; words should

Static and moving solid/gas interface modeling in a hybrid

Cost-Benefit Analysis of Moving-Target Defense in Power Grids

Four Reasons Companies Are Moving from Static Dashboards to Interactive Business StoryBoards™

Camerawork: Static vs Moving Cameras

Static and Moving Object Detection Using Flux Tensor … · Static and Moving Object Detection Using Flux Tensor with Split Gaussian Models Rui Wang 1, Filiz Bunyak , Guna Seetharaman2,

Moving & Using Static Charge

A moving target DDoS defense mechanismastavrou/research/A-moving... · A moving target DDoS defense mechanism ... ever, the number of such insiders in a protected system is assumed

Spatial-Temporal Moving Target Defense: A Markov ...Spatial-Temporal Moving Target Defense: A Markov Stackelberg Game Model Henger Li, Wen Shen, Zizhan Zheng Department of Computer

Static and Default Routes for Firepower Threat Defense · StaticandDefaultRoutesforFirepowerThreat Defense ThischapterdescribeshowtoconfigurestaticanddefaultroutesontheFTD. •AboutStaticandDefaultRoutes,onpage1

Moving Target Defense Considerations in Real-Time Safety- and …web.mit.edu/br26972/www/pubs/mtd20.pdf · 2021. 3. 25. · Moving Target Defense Considerations in Real-Time Safety-

Evaluating Moving Target Defense with PLADD · Evaluating Moving Target Defense with PLADD Stephen Jones, Alexander Outkin, Jared Gearhart, Jacob Hobbs, John Siirola, ... using adversarial

MOVING FACIAL IMAGE TRANSFORMATIONS BASED ON …ivizlab.sfu.ca/arya/Papers/Others/Moving Facial... · MOVING FACIAL IMAGE TRANSFORMATIONS BASED ON STATIC 2D PROTOTYPES Bernard Tiddeman

In Defense of Probabilistic Static Analysis