7th International Conference on Collaborative Computing: Networking, Applications and Worksharing

Research Article

ChameleonSoft: A Moving Target Defense System

  • @INPROCEEDINGS{10.4108/icst.collaboratecom.2011.247115,
        author={Mohamed Azab and Riham Hassan and Mohamed Eltoweissy},
        title={ChameleonSoft: A Moving Target Defense System},
        proceedings={7th International Conference on Collaborative Computing: Networking, Applications and Worksharing},
        publisher={IEEE},
        proceedings_a={COLLABORATECOM},
        year={2012},
        month={4},
        keywords={cyber security ubiquitous computing software diversity online programmability biologically-inspired security},
        doi={10.4108/icst.collaboratecom.2011.247115}
    }
    
  • Mohamed Azab
    Riham Hassan
    Mohamed Eltoweissy
    Year: 2012
    ChameleonSoft: A Moving Target Defense System
    COLLABORATECOM
    ICST
    DOI: 10.4108/icst.collaboratecom.2011.247115
Mohamed Azab1,*, Riham Hassan2, Mohamed Eltoweissy3
  • 1: Bradley Department of Electrical and Computer Engineering, Virginia Tech
  • 2: Computer Science, Virginia Tech
  • 3: Pacific Northwest National Laboratory
*Contact email: mohamed_azab2001@yahoo.com

Abstract

Ubiquitous cyber systems and their supporting infrastructure impact productivity and quality of life immensely. Their penetration into our daily lives increases the need for enhanced resilience and for means to secure and protect them. One major threat is the software monoculture. Recent research has illustrated the danger of software monoculture and introduced diversity to reduce the attack surface. Here we propose a biologically-inspired defense system, ChameleonSoft, that employs multidimensional software diversity to, in effect, induce spatiotemporal software behavior encryption and a moving target defense. The key principles are decoupling functional roles and runtime role players; devising intrinsically-resilient, composable, online-programmable building blocks; separating logic, state and physical resources; and employing functionally-equivalent, behaviorally-different code variants. Given our construction, ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. Nodes employing ChameleonSoft autonomously and cooperatively change their recovery and encryption policy, both proactively and reactively, according to the continual change in context and environment. To test the applicability and effectiveness of the proposed approach and to evaluate its performance and security aspects, we present a prototype of the ChameleonSoft Behavior Encryption mechanisms, an analysis and simulation study, and a brief attack scenario.