Effectiveness of Moving Target Defenses

Authors: David Evans, Anh Nguyen-Tuong, John Knight

DOI: 10.1007/978-1-4614-0977-9_2

Keywords:

Abstract: Moving target defenses have been proposed as a way to make it much more difficult for an attacker to exploit a vulnerable system by changing aspects of that system to present attackers with a varying attack surface. The hope is that constructing a successful exploit requires analyzing properties of the system, and that in the time it takes an attacker to learn those properties and construct the exploit, the system will have changed enough by the time the attacker can launch the exploit to disrupt the exploit's functionality. This is a promising and appealing idea, but its security impact is not yet clearly understood. In this chapter, we argue that the actual benefits of the moving target approach are in fact often less significant than one would expect. We present a model for thinking about dynamic diversity defenses, analyze a few example attacks, and identify scenarios where moving target defenses are effective.

References (26)
Ravishankar K. Iyer, Emre C. Sezer, Shuo Chen, Prachi Gauriar, Jun Xu. Non-control-data attacks are realistic threats. USENIX Security Symposium, pp. 12-12 (2005).
Paruj Ratanaworabhan, Benjamin Livshits, Benjamin Zorn. NOZZLE: a defense against heap-spraying code injection attacks. USENIX Security Symposium, pp. 169-186 (2009).
Daniel C. DuVarney, Sandeep Bhatkar, R. Sekar. Address obfuscation: an efficient approach to combat a broad range of memory error exploits. USENIX Security Symposium, pp. 8-8 (2003).
Salvatore Stolfo, Yingbo Song, Pratap Prabhu. Smashing the Stack with Hydra: The Many Heads of Advanced Polymorphic Shellcode. Department of Computer Science, Columbia University (2009). DOI: 10.7916/D8RJ4R91
Stephen W. Boyd, Angelos D. Keromytis. SQLrand: Preventing SQL Injection Attacks. Applied Cryptography and Network Security, pp. 292-302 (2004). DOI: 10.1007/978-3-540-24852-1_21
Babak Salamat, Todd Jackson, Andreas Gal, Michael Franz. Orchestra: intrusion detection using parallel execution and monitoring of program variants in user-space. European Conference on Computer Systems, pp. 33-46 (2009). DOI: 10.1145/1519065.1519071
Raoul Strackx, Yves Younan, Pieter Philippaerts, Frank Piessens, Sven Lachmund, Thomas Walter. Breaking the memory secrecy assumption. European Workshop on System Security, pp. 1-8 (2009). DOI: 10.1145/1519144.1519145
Anh Nguyen-Tuong, David Evans, John C. Knight, Benjamin Cox, Jack W. Davidson. Security through redundant data diversity. Dependable Systems and Networks, pp. 187-196 (2008). DOI: 10.1109/DSN.2008.4630087
Anh Nguyen-Tuong, Andrew Wang, Jason D. Hiser, John C. Knight, Jack W. Davidson. On the effectiveness of the metamorphic shield. European Conference on Software Architecture, pp. 170-174 (2010). DOI: 10.1145/1842752.1842788
Norm Hardy. The Confused Deputy: (or why capabilities might have been invented). Operating Systems Review, vol. 22, pp. 36-38 (1988). DOI: 10.1145/54289.871709