Speaker: Xinming Ou
Title: Design for a Concrete IT System-level Moving Target Defense Platform
The Moving Target Defense (MTD) concept has been proposed as an approach to rebalance the security landscape by increasing uncertainty and apparent complexity for attackers, reducing their window of opportunity and raising the costs of their reconnaissance and attack efforts. The idea of applying moving target techniques for a whole IT system is intuitively beneficial for security. However, little research has been done to show that this idea is feasible. In this talk, I will present the design of a concrete MTD platform — ANCOR (Automated eNterprise network COmpileR), which supports whole-system moving target defense. The ANCOR platform is based on an abstraction model that captures the IT system’s configuration parameters and dependencies, which allows the platform to reason over and change the IT system’s configuration at run time. To evaluate the platform’s practicality, we show experimentally over multiple concrete IT system implementations that the platform’s configuration changes do not disrupt normal operations and introduce only a very small run time overhead.