Abstract

Cyber moving target (MT) has been identified as one of the
game-changing themes to re-balance the cyber landscape in favor of
defense. MT techniques make cyber systems less static, less
homogeneous, and less deterministic in order to create uncertainty for
the attackers. Although many MT techniques have been proposed in the
literature, little has been done on evaluating their effectiveness,
benefits, and weaknesses. In this talk, we evaluate the wide range of
MT techniques using three approaches. First, a qualitative assessment
studies the potential benefits, gaps, and weaknesses for each category
of MT. This step identifies major gaps in this domain which can guide
future research and prototyping efforts. We also provide the findings
of a qualitative assessment case study on code reuse defenses. Second,
for the MT techniques that are identified as potentially more
beneficial in the qualitative assessment, we perform a deeper
quantitative assessment using real exploits. Third, we perform an
assessment of how information leakage can impact the effectiveness of
MT techniques inside a larger system. Finally, we outline possible
directions for future work in this domain.

Speaker's Bio

Hamed Okhravi is a member of Technical Staff at the Cyber Systems and
Technology group of MIT Lincoln Laboratory, researching in the area of
cyber security. Dr. Okhravi received his MS and PhD in Electrical and
Computer Engineering from University of Illinois at Urbana-Champaign
(2006 and 2009). During his PhD study, he also interned at Network
Geographics (2007) and Cisco Systems, Inc. (2008). Currently,
Dr. Okhravi is working on cyber-attack survivable systems at MIT. His
research interests are in cyber security, cyber trust, science of
security, security metrics, and operating systems.