Computer scientists at Kansas State University in Manhattan are investigating ways of improving the security of computer networks, by constantly changing their configurations. The project is funded by a five-year grant from the Air Force Office of Scientific Research valued at more than $1 million.
Computing and information schience professors Scott DeLoach, and Xinming “Simon” Ou are researching the feasibility of building a computer network that protects itself against online attackers by automatically changing its setup and configuration, called a moving-target defense. The study aims to document if this type of defense can work, and if so, whether the benefits outweigh the costs in resources to implement and overhead to run.
The idea behind the moving-target defense is to create a computer network no longer static in its configuration. Instead, the network automatically and periodically randomizes its configuration through techniques such as changing the addresses of software applications on the network, or changing the location of critical system data.
To a potential instruder, the system would appear to be changing chaotically, while authorized users would not notice any change from normal operations. “In a typical scenario, attackers scan your system and find out everything they can about your server configuration and what security holes it has,” says DeLoach. “Then they select the best time for them to attack and exploit those security holes in order to do the most damage. This could change that.”
One benefit of the moving-target defense would be to reduce or eliminate multiple invasions by the same attacker. The researchers cite the February 2011 attack on the Nasdaq stock exchange network, where the network’s security had been left vulnerable for more than a year while the hackers visited it numerous times.
Ou notes that a moving-target defense has the potential to shift the power imbalance that currently resides with hackers — who need only find a single security hole to exploit — back to the network administrators. “People feel that we are currently losing against online attackers,” says Ou. “In order to fundamentally change the cybersecurity landscape and reduce that high risk we need some big, fundamental changes to the way computers and networks are constructed and organized.”
- Gaps Found in Satellite Telephone Encryption Algorithms
- Univ., IBM Team Creates Enhanced Cloud Security Technique
* * *