Architecture-Based Self-Adaptation for Moving Target Defense
Bradley Schmerl,
Javier Cámara,
Gabriel A. Moreno,
David Garlan and Andrew Mellinger.
Technical report, CMU-ISR-14-109, Institute for Software Research, Carnegie Mellon University, 2014.
Online links:
Abstract
The fundamental premise behind Moving Target Defense (MTD) is to create a dynamic and shifting system that is more difficult to attack than a static system because a constantly changing attack surface at least reduces the chance of an attacker finding and exploiting the weakness. However, MTD approaches are
typically chosen without regard to other qualities of the system, such as performance or cost. This report explores the use of self-adaptive systems, in particular those based on the architecture of the running system. A systems software architecture can be used to trade off different quality dimensions of the system. In particular, this report describes the first steps in reasoning formally about MTD approaches, and elevating this reasoning to an architectural level, along three thrusts: (1) creating an initial catalog of MTD tactics that can be used at the architectural level, along with the impacts on security and other quality concerns, (2) using this information to inform proactive self-adaptation that uses predictions of tactic duration to improve the self-adaptation, and (3) using stochastic multiplayer games to verify the the behavior of a variety of MTD scenarios, from uninformed to predictive-reactive. This work is applied in the context of the Rainbow self-adaptive framework. |
Keywords: Rainbow, Science of Security, Self-adaptation, Software Architecture.
@TechReport{Schmerl/MTD/2014,
AUTHOR = {Schmerl, Bradley and C\'{a}mara, Javier and Moreno, Gabriel A. and Garlan, David and Mellinger, Andrew},
TITLE = {Architecture-Based Self-Adaptation for Moving Target Defense},
YEAR = {2014},
NUMBER = {CMU-ISR-14-109},
INSTITUTION = {Institute for Software Research, Carnegie Mellon University},
PDF = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/CMU-ISR-14-109.pdf},
ABSTRACT = {The fundamental premise behind Moving Target Defense (MTD) is to create a dynamic and shifting system that is more difficult to attack than a static system because a constantly changing attack surface at least reduces the chance of an attacker finding and exploiting the weakness. However, MTD approaches are
typically chosen without regard to other qualities of the system, such as performance or cost. This report explores the use of self-adaptive systems, in particular those based on the architecture of the running system. A systems software architecture can be used to trade off different quality dimensions of the system. In particular, this report describes the first steps in reasoning formally about MTD approaches, and elevating this reasoning to an architectural level, along three thrusts: (1) creating an initial catalog of MTD tactics that can be used at the architectural level, along with the impacts on security and other quality concerns, (2) using this information to inform proactive self-adaptation that uses predictions of tactic duration to improve the self-adaptation, and (3) using stochastic multiplayer games to verify the the behavior of a variety of MTD scenarios, from uninformed to predictive-reactive. This work is applied in the context of the Rainbow self-adaptive framework.},
KEYWORDS = {Rainbow, Science of Security, Self-adaptation, Software Architecture} }
|