ChameleonSoft: A Moving Target Defense System

Ubiquitous cyber systems and their supporting infrastructure impact productivity and quality of life immensely. Their penetration in our daily life increases the need for their enhanced resilience and for means to secure and protect them. One major threat is the software monoculture. Latest research work illustrated the danger of software monoculture and introduced diversity to reduce the attack surface. Herby we propose a biologically-inspired defense system, ChameleonSoft, that employs multidimensional software diversity to, in effect, induce spatiotemporal software behavior encryption and a moving target defense. The key principles are decoupling functional roles and runtime role players; devising intrinsically-resilient composable online programmable building blocks; separating logic, state and physical resources; and employing functionally-equivalent, behaviorally-different code variants. Given, our construction, ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. Nodes employing ChameleonSoft autonomously and cooperatively change their recovery and encryption policy both proactively and reactively according to the continual change in context and environment. In order to test the applicability, effectiveness and to evaluate the performance and security aspects of the proposed approach, we present a prototype of the ChameleonSoft Behavior Encryption mechanisms, an analysis and simulation study, and a brief attack scenario.