14 May 2018 Implementations of moving target defense (Conference Presentation)
Nathaniel Evans
Abstract
Moving target defense (MTD) is a method for defending client/server applications. MTD abstracts some portion of how a system works in order to make the application more difficult for an attacker to defeat. Argonne is developing three different implementations: Multiple OS Rotational Environment (MORE-MTD), Dynamic Application Rotational Environment (DARE-MTD), and Stream Splitting (SS-MTD).

MORE-MTD rotates the host operating systems to mitigate known and unknown exploits. Because the target moves to a different operating system after a given amount of time, the attacker is forced to gather data on the target and attempt an exploit within that amount of time.

DARE-MTD takes the same approach as MORE-MTD, but the rotation is focused on the application hosting service rather than the operating system. Rotating the application service can mitigate potential vulnerabilities in the service that could be exploited by an attacker.

SS-MTD sends data packets over multiple communication channels, mitigating the possibility of an attacker intercepting a complete stream of data at any single point. Once the complete data is split into data packets, SS-MTD handles the distribution of the packets through different mediums and/or different hosts across the internet. The receiving mediums and/or hosts then send the data packets to the designated target, converging all data packets back into the complete stream of data.

In the event of an attack, for all MTD implementations the probability of success by the attacker is significantly decreased and the resiliency of each system is increased.
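The stream-splitting idea the abstract describes for SS-MTD, sketched as an added example that is not Argonne's code and not taken from the presentation: a stream is cut into sequence-numbered packets, spread over several channels, and merged again at the target. The function names, the round-robin assignment, the chunk size and the sample message are all assumptions made for illustration.

```python
import random

def split_stream(data: bytes, channels: int, chunk_size: int = 8):
    """Cut data into (seq, payload) packets and assign them round-robin to channels.
    Round-robin and chunk_size are assumptions of this example, not SS-MTD specifics."""
    if channels < 2:
        raise ValueError("stream splitting needs at least two channels")
    queues = [[] for _ in range(channels)]
    for seq, off in enumerate(range(0, len(data), chunk_size)):
        queues[seq % channels].append((seq, data[off:off + chunk_size]))
    return queues

def channel_view(queue) -> bytes:
    """What an observer sitting on one channel captures: only that channel's payloads."""
    return b"".join(payload for _, payload in queue)

def reassemble(packets, expected: int) -> bytes:
    """Merge packets arriving in any order at the target; refuse an incomplete stream."""
    by_seq = {}
    for seq, payload in packets:
        if by_seq.setdefault(seq, payload) != payload:
            raise ValueError(f"conflicting copies of packet {seq}")
    missing = [s for s in range(expected) if s not in by_seq]
    if missing:
        raise ValueError(f"missing packets: {missing}")
    return b"".join(by_seq[s] for s in range(expected))

def demo():
    # Constructed sample message (59 bytes); hypothetical three-channel setup.
    message = b"constructed sample payload for the stream splitting example"
    queues = split_stream(message, channels=3)
    arrivals = [pkt for q in queues for pkt in q]
    random.Random(0).shuffle(arrivals)  # channels deliver in no particular order
    rebuilt = reassemble(arrivals, expected=len(arrivals))
    exposure = [len(channel_view(q)) / len(message) for q in queues]
    return message, rebuilt, exposure

if __name__ == "__main__":
    message, rebuilt, exposure = demo()
    print("rebuilt intact:", rebuilt == message)
    print("fraction of the stream visible per channel:", [round(x, 2) for x in exposure])
```

Each packet is still plaintext on its own channel, so in this sketch splitting limits how much a single interception point sees rather than hiding the content of what it does see.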
© (2018) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Nathaniel Evans "Implementations of moving target defense (Conference Presentation)", Proc. SPIE 10630, Cyber Sensing 2018, 1063002 (14 May 2018); https://doi.org/10.1117/12.2303837
KEYWORDS
Defense and security

Operating systems

Data communications

Internet
