Overview
Moving Target Defenses (MTD) have been proposed as a game-changing approach to cyber security that eliminates the static nature of current computer systems – an attacker’s biggest advantage. The core idea of MTD is to make a system change proactively as a means of eliminating the attacker's asymmetric advantage in time.
Moving Target Defense for Cloud-Based IT Systems (MTD CBITS) is a platform that automatically adapts multiple aspects of the network’s logical and physical configuration. The platform targets cloud infrastructure and is built on top of ANCOR, a framework for creating and managing cloud-based IT systems using a high-level abstraction (an up-to-date IT system inventory). While ANCOR focused on creating and managing IT systems in a reliable and automated way, the MTD CBITS work analyzes the feasibility and potential security benefits of an MTD approach based on live instance replacement. Why live instance replacement? A live instance replacement mechanism can be the means of deploying various defenses in an automated way while constantly removing attackers’ persistent access.
More details:
- MTD CBITS: Moving Target Defense for Cloud-Based IT Systems
- Compiling Abstract Specifications into Concrete Systems – Bringing Order to the Cloud
Resources mentioned in MTD CBITS: Moving Target Defense for Cloud-Based IT Systems
- Blogging Website and Hadoop Scenario Experiments, Supporting Chinese Remainder Theorem Use Cases Proofs, and OpenStack Filter Scheduler Configuration
- Python implementation for an “attack windows calculator”
Current Contributors
- Alex Bardas (@bardasag)
- Xinming Ou (@xinmingou)
- Scott A. DeLoach (@sdeloach)
- Sathya Chandran Sundaramurthy (@sathyacs)
Past Contributors
- Ian Unruh
- Rui Zhuang
- Ali Ali
- Simon Novelly
- Gilnei De Pellegrin
- Brian Cain
Support or Contact
Please contact Alex Bardas or the ArgusLab group for more details. More information is available on the GitHub file repository page.
License
This program is free software and is distributed under the terms of the GNU General Public License.