The cyber moving target (MT) approach has been identified as one of the game-changing themes to rebalance the cyber landscape in favor of defense. MT techniques make cyber systems less static, less homogeneous, and less deterministic in order to create uncertainty for attackers. Although many MT techniques have been proposed in the literature, little has been done to evaluate their effectiveness, benefits, and weaknesses. In this talk, we use three approaches to evaluate the wide range of MT techniques. First, a qualitative assessment studies the potential benefits, gaps, and weaknesses for each category of MT. This step identifies major gaps in the domain that can guide future research and prototyping efforts; we also provide the findings of a qualitative assessment case study on code reuse defenses. Second, for the MT techniques that are identified in the qualitative assessment as potentially more beneficial, we perform a deeper quantitative assessment using real exploits. Third, we perform an assessment of how information leakage can impact the effectiveness of MT techniques inside a larger system. Finally, we outline possible directions for future work in this domain.
Hamed Okhravi is a member of the research staff of the Cyber Systems and Technology group at MIT Lincoln Laboratory, doing research in the area of cyber security. Dr. Okhravi received his M.S. and Ph.D. in Electrical and Computer Engineering from the University of Illinois at Urbana-Champaign (2006 and 2009). He also interned at Network Geographic’s (2007) and Cisco Systems, Inc. (2008). Currently, Dr. Okhravi is working on systems security and security evaluation at MIT. He serves on the program committees of various security conferences and workshops. His research interests are in cyber security, cyber trust, the science of security, security metrics, and operating systems.