TY - GEN
T1 - Security and science of agility
AU - McDaniel, Patrick
AU - Jaeger, Trent
AU - La Porta, Thomas F.
AU - Papernot, Nicolas
AU - Walls, Robert J.
AU - Kott, Alexander
AU - Marvel, Lisa
AU - Swami, Ananthram
AU - Mohapatra, Prasant
AU - Krishnamurthy, Srikanth V.
AU - Neamtiu, Iulian
N1 - Publisher Copyright:
Copyright © 2014 by the Association for Computing Machinery, Inc. (ACM).
PY - 2014/11/7
Y1 - 2014/11/7
N2 - Moving target defenses alter the environment in response to adversarial action and perceived threats. Such defenses are a specific example of a broader class of system management techniques called system agility. In its fullest generality, agility is any reasoned modification to a system or environment in response to a functional, performance, or security need. This paper details a recently launched 10-year Cyber-Security Collaborative Research Alliance effort focused in-part on the development of a new science of system agility, of which moving target defenses are a central theme. In this context, the consortium seeks to address the questions of when, what, and how to employ changes to improve the security of an environment, as well as consider how to measure and weigh the effectiveness of different approaches to agility. We discuss several fundamental challenges in developing and using MTD maneuvers, and outline several broad classes of mechanisms that can be used to implement them. We conclude by detailing specific MTD mechanisms used to adaptively quarantine vulnerable code in Android applications, and consider ways of comparing cost and payout of its use.
AB - Moving target defenses alter the environment in response to adversarial action and perceived threats. Such defenses are a specific example of a broader class of system management techniques called system agility. In its fullest generality, agility is any reasoned modification to a system or environment in response to a functional, performance, or security need. This paper details a recently launched 10-year Cyber-Security Collaborative Research Alliance effort focused in-part on the development of a new science of system agility, of which moving target defenses are a central theme. In this context, the consortium seeks to address the questions of when, what, and how to employ changes to improve the security of an environment, as well as consider how to measure and weigh the effectiveness of different approaches to agility. We discuss several fundamental challenges in developing and using MTD maneuvers, and outline several broad classes of mechanisms that can be used to implement them. We conclude by detailing specific MTD mechanisms used to adaptively quarantine vulnerable code in Android applications, and consider ways of comparing cost and payout of its use.
UR - http://www.scopus.com/inward/record.url?scp=84937676880&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84937676880&partnerID=8YFLogxK
U2 - 10.1145/2663474.2663476
DO - 10.1145/2663474.2663476
M3 - Conference contribution
AN - SCOPUS:84937676880
SN - 9781450331500
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 13
EP - 19
BT - MTD 2014 - Proceedings of the 2014 ACM Workshop on Moving Target Defense, Co-located with CCS 2014
PB - Association for Computing Machinery
T2 - 1st ACM Workshop on Moving Target Defense, MTD 2014 - Co-located with 21st ACM Conference on Computer and Communications Security, CCS 2014
Y2 - 3 November 2014
ER -