Science & Enterprise subscription

Follow us on Twitter

  • As the U.S. enters its Independence Day in the midst of its worst-ever pandemic, a divided public most trusts its h… https://t.co/umw9fDWuvJ
    about 1 day ago
  • New post on Science and Enterprise: Infographic – Health Agencies Trusted for Covid-19 Info https://t.co/RerieMYQgn #Science #Business
    about 1 day ago
  • Change the name of the Washington NFL team? A respondent to @joshtpm has a brilliant idea ... Washington Dukes, for… https://t.co/J9P4LKG2PT
    about 2 days ago
  • A medical software team designed a mobile app that records and analyzes a person's sounds and sleep positions to de… https://t.co/NB99HQUWpC
    about 2 days ago
  • New post on Science and Enterprise: Mobile App Screens for Sleep Apnea https://t.co/N8gTn2zWhe #Science #Business
    about 2 days ago

Please share Science & Enterprise

Air Force Funds Moving Target Network Study to Stop Hackers

Blue gene supercomputer (ANL.gov)

(ANL.gov)

Computer scientists at Kansas State University in Manhattan are investigating ways of improving the security of computer networks, by constantly changing their configurations. The project is funded by a five-year grant from the Air Force Office of Scientific Research valued at more than $1 million.

Computing and information schience professors Scott DeLoach, and Xinming “Simon” Ou are researching the feasibility of building a computer network that protects itself against online attackers by automatically changing its setup and configuration, called a moving-target defense. The study aims to document if this type of defense can work, and if so, whether the benefits outweigh the costs in resources to implement and overhead to run.

The idea behind the moving-target defense is to create a computer network no longer static in its configuration. Instead, the network automatically and periodically randomizes its configuration through techniques such as changing the addresses of software applications on the network, or changing the location of critical system data.

To a potential instruder, the system would appear to be changing chaotically, while authorized users would not notice any change from normal operations. “In a typical scenario, attackers scan your system and find out everything they can about your server configuration and what security holes it has,” says DeLoach. “Then they select the best time for them to attack and exploit those security holes in order to do the most damage. This could change that.”

One benefit of the moving-target defense would be to reduce or eliminate multiple invasions by the same attacker. The researchers cite the February 2011 attack on the Nasdaq stock exchange network, where the network’s security had been left vulnerable for more than a year while the hackers visited it numerous times.

Ou notes that a moving-target defense has the potential to shift the power imbalance that currently resides with hackers — who need only find a single security hole to exploit — back to the network administrators. “People feel that we are currently losing against online attackers,” says Ou. “In order to fundamentally change the cybersecurity landscape and reduce that high risk we need some big, fundamental changes to the way computers and networks are constructed and organized.”

Read more:

*     *     *

Please share Science & Enterprise ...

3 comments to Air Force Funds Moving Target Network Study to Stop Hackers