A game theoretic approach to strategy determination for dynamic platform defenses

Proceedings of the ACM Conference on Computer and Communications Security

Volumn 2014-November, Issue November, 2014, Pages 21-30

  Carter, Kevin M ^a   Riordan, James F ^a   Okhravi, Hamed ^a  

^a MIT LINCOLN LABORATORY   (United States)

Author keywords

Game theory; Moving target; System diversity

Indexed keywords

NETWORK SECURITY; RANDOM PROCESSES;

MOVING TARGET DEFENSE; MOVING TARGETS; OPTIMAL SOLUTIONS; PLATFORM DIVERSITY; PLATFORM SYSTEMS; STRATEGIC CONSIDERATIONS; SYSTEM DIVERSITY; THREAT MODELING;

GAME THEORY;

EID: 84937676479     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2663474.2663478     Document Type: Conference Paper

References (22)

1. D. Arsenault, A. Sood, and Y. Huang. Secure, resilient computing clusters: Self-cleansing intrusion tolerance with hardware enforced security (scit/hes). In Proceedings of the The Second International Conference on Availability, Reliability and Security, ARES '07, pages 343-350, Washington, DC, USA, 2007. IEEE Computer Society.
2. A. Bangalore and A. Sood. Securing web servers using self cleansing intrusion tolerance (scit). In Dependability, 2009. DEPEND '09. Second International Conference on, pages 60-65, june 2009.
3. R. Colbaugh and K. Glass. Predictability-oriented defense against adaptive adversaries. In Proceedings of the IEEE Intl. Conference on Systems, Man, and Cybernetics, COEX, pages 2721-2727, 2012.
4. D. A. Holland, A. T. Lim, and M. I. Seltzer. An architecture a day keeps the hacker away. SIGARCH Comput. Archit. News, 33(1):34-41, Mar. 2005.
5. Y. Huang, D. Arsenault, and A. Sood. Incorruptible system self-cleansing for intrusion tolerance. In Performance, Computing, and Communications Conference, 2006. IPCCC 2006. 25th IEEE International, pages 4-496, april 2006.
6. T. Jackson, B. Salamat, G. Wagner, C. Wimmer, and M. Franz. On the effectiveness of multi-variant program execution for vulnerability detection and prevention. In Proceedings of the 6th International Workshop on Security Measurements and Metrics, MetriSec '10, pages 71-78, New York, NY, USA, 2010. ACM.
7. P. Larsen, S. Brunthaler, and M. Franz. Security through diversity: Are we there yet? In Proceedings of IEEE Security & Privacy, Oct. 2013.
8. R. B. Myerson. Game Theory: Analysis of Conict. Harvard University Press, 1997.
9. N. Nethercote and J. Seward. Valgrind: A framework for heavyweight dynamic binary instrumentation. In Proceedings of the 2007 ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI '07, pages 89-100, New York, NY, USA, 2007.
10. F. Networking, I. T. Research, and D. (NITRD). Federal Cybersecurity Game-change R&D Themes, 2012. http://cybersecurity.nitrd.gov/page/federal-cybersecurity-1.
11. H. Okhravi, A. Comella, E. Robinson, and J. Haines. Creating a cyber moving target for critical infrastructure applications using platform diversity. International Journal of Critical Infrastructure Protection, 5(1):30 - 39, 2012.
12. H. Okhravi, T. Hobson, D. Bigelow, and W. Streilein. Finding focus in the blur of moving-target techniques. IEEE Security & Privacy, 12(2):16-26, Mar 2014.
13. H. Okhravi, J. Riordan, and K. Carter. Quantitative evaluation of dynamic platform techniques as a defensive mechanism. In Proceedings of 17th International Symposium on Recent Advances in Intrusion Detection (RAID), Sept. 2014.
14. A. Saidane, V. Nicomette, and Y. Deswarte. The design of a generic intrusion-tolerant architecture for web servers. Dependable and Secure Computing, IEEE Transactions on, 6(1):45 -58, jan.-march 2009.
15. B. Salamat, A. Gal, and M. Franz. Reverse stack execution in a multi-variant execution environment. In Workshop on Compiler and Architectural Techniques for Application Reliability and Security, 2008.
16. B. Salamat, A. Gal, T. Jackson, K. Manivannan, G. Wagner, and M. Franz. Multi-variant program execution: Using multi-core systems to defuse buffer-overflow vulnerabilities. In Complex, Intelligent and Software Intensive Systems, 2008. International Conference on, pages 843 -848, march 2008.
17. B. Salamat, T. Jackson, G. Wagner, C. Wimmer, and M. Franz. Runtime defense against code injection attacks using replicated execution. Dependable and Secure Computing, IEEE Transactions on, 8(4):588 -601, july-aug. 2011.
18. S. Schleimer, D. S. Wilkerson, and A. Aiken. Winnowing: local algorithms for document fingerprinting. In Proceedings of the 2003 ACM SIGMOD international conference on Management of data, SIGMOD '03, pages 76-85, New York, NY, USA, 2003. ACM.
19. K. Scott and J. Davidson. Strata: A Software Dynamic Translation Infrastructure. Technical Report CS-2001-17, 2001.
20. D. Williams, W. Hu, J. W. Davidson, J. D. Hiser, J. C. Knight, and A. Nguyen-Tuong. Security through diversity: Leveraging virtual machine technology. IEEE Security and Privacy, 7(1):26-33, Jan. 2009.
21. M. Winterrose and K. Carter. Strategic evolution of adversaries against temporal platform diversity active cyber defenses. In Proceedings of Agent-Directed Simulation Symposium, pages 68-76, April 2014.
22. M. Winterrose, K. Carter, N. Wagner, and W. Streilein. Adaptive attacker strategy development against moving target cyber defenses. In Proceedings of MODSIM World 2014, April 2014.