Moving target defense must keep cyber attackers guessing

2023-03-02 05:00

"The first approach is just keeping the bad guy out and never permitting access to the system. The physical analogue is to build a big wall and don't let him in in the first place. And the backup plan is, if the wall doesn't work, we rely on detection. Both of those approaches are imperfect. And so, what moving target defense offers as a complementary strategy is, even if those two approaches fail, moving target confuses the attacker and makes it more difficult to do damage," Vugrin continued.

Like a game of three-card monte, in which a con artist uses sleight of hand to shuffle cards side-to-side, moving target defense requires randomness.

Researchers wanted to know whether a moving target defense would work to constantly change network addresses, unique numbers assigned to each device on a network.

"We also know the bad guys are using machine learning to attack the systems. And so, one of the things that Chris identified early on was that we do not want to set up a moving target defense where somebody might use a machine-learning attack to break it and render the defense worthless," Vugrin added.

The test showed that moving target defense can fundamentally work, but more importantly it gave both teams insights into how cybersecurity engineers should design these defenses to withstand a machine-learning-based assault, a concept the researchers call threat-informed codesign.

Jenkins said, "Being able to do this work for me, personally, was somewhat satisfying because it showed that given the right type of technology and innovation, you can take a constrained problem and still apply moving target defense to it."

News URL

https://www.helpnetsecurity.com/2023/03/02/moving-target-defense/

#defense