Moving target defense (MTD) is a defense method for defending client/server applications. MTD works to abstract some portion of how a system works in order to make the application more difficult for an attacker to defeat. Argonne is developing three different implementations: Multiple OS Rotational Environment (MORE-MTD), Dynamic Application Rotational Environment (DARE-MTD), and Stream Splitting (SS-MTD). MORE-MTD rotates the host operating systems to mitigate known/unknown exploits from attackers. By moving the target to a different operating system in a given amount of time, the attacker will be forced to gather data on the target and attempt an exploit in that given amount of time. DARE-MTD takes the same approach as MORE-MTD, but the rotation is focused on the application hosting service rather than the operating system. By rotating the application service, this can mitigate potential vulnerabilities in the service that could be exploited by an attacker. SS-MTD sends data packets over multiple communication channels mitigating the possibility of an attacker intercepting a complete stream of data at any single point. Once the complete data is split into data packets, SS-MTD handles the distribution of the packets through different mediums and/or different hosts across the internet. The receiving mediums and/or hosts would then send the data packets to the designated target converging all data packets back into the complete stream of data. In the event of an attack for all MTD implementations, the probability of success by the attacker is significantly decreased and the resiliency of each system is increased.
Conference Presentations are recordings of oral presentations given at SPIE conferences and published as part of the proceedings. They include the speaker's narration with video of the slides and animations. Most include full-text papers. Interactive, searchable transcripts and closed captioning are now available for 2018 presentations, with transcripts for prior recordings added daily.
Search our growing collection of more than 16,000 conference presentations, including many plenaries and keynotes.