Atnaujinkite slapukų nuostatas

Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats 2011 ed. [Kietas viršelis]

4.50/5 (2 ratings by Goodreads)
Edited by , Edited by , Edited by , Edited by , Edited by
  • Formatas: Hardback, 184 pages, aukštis x plotis: 235x155 mm, weight: 1010 g, XVI, 184 p., 1 Hardback
  • Serija: Advances in Information Security 54
  • Išleidimo metai: 26-Aug-2011
  • Leidėjas: Springer-Verlag New York Inc.
  • ISBN-10: 1461409764
  • ISBN-13: 9781461409762
Kitos knygos pagal šią temą:
Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats 2011 ed.Didesnis paveikslėlis
  • Formatas: Hardback, 184 pages, aukštis x plotis: 235x155 mm, weight: 1010 g, XVI, 184 p., 1 Hardback
  • Serija: Advances in Information Security 54
  • Išleidimo metai: 26-Aug-2011
  • Leidėjas: Springer-Verlag New York Inc.
  • ISBN-10: 1461409764
  • ISBN-13: 9781461409762
Kitos knygos pagal šią temą:
Pastovi nuoroda: https://www.kriso.lt/db/9781461409762.html
Raktažodžiai:
Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats was developed by a group of leading researchers. It describes the fundamental challenges facing the research community and identifies new promising solution paths. Moving Target Defense which is motivated by the asymmetric costs borne by cyber defenders takes an advantage afforded to attackers and reverses it to advantage defenders. Moving Target Defense is enabled by technical trends in recent years, including virtualization and workload migration on commodity systems, widespread and redundant network connectivity, instruction set and address space layout randomization, just-in-time compilers, among other techniques. However, many challenging research problems remain to be solved, such as the security of virtualization infrastructures, secure and resilient techniques to move systems within a virtualized environment, automatic diversification techniques, automated ways to dynamically change and manage the configurations of systems and networks, quantification of security improvement, potential degradation and more.

Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats is designed for advanced -level students and researchers focused on computer science, and as a secondary text book or reference. Professionals working in this field will also find this book valuable.
1 A Formal Model for a System's Attack Surface
1(28)
Pratyusa K. Manadhata
Jeannette M. Wing
1.1 Introduction
1(4)
1.2 Motivation
5(2)
1.3 I/O Automata Model
7(8)
1.4 Damage Potential and Effort
15(5)
1.5 A Quantitative Metric
20(3)
1.6 Empirical Results
23(2)
1.7 Related Work
25(2)
1.8 Summary and Future Work
27(2)
References
27(2)
2 Effectiveness of Moving Target Defenses
29(20)
David Evans
Anh Nguyen-Tuong
John Knight
2.1 Introduction
29(1)
2.2 Diversity Defenses
30(2)
2.3 Model
32(2)
2.4 Attack Strategies
34(5)
2.5 Analysis
39(5)
2.6 Discussion
44(2)
2.7 Conclusion
46(3)
References
47(2)
3 Global ISR: Toward a Comprehensive Defense Against Unauthorized Code Execution
49(28)
Georgios Portokalidis
Angelos D. Keromytis
3.1 Introduction
49(2)
3.2 Instruction-Set Randomization
51(4)
3.3 Hardware-based ISR
55(3)
3.4 Software-only ISR
58(5)
3.5 Perl Randomization
63(1)
3.6 SQL Randomization
64(5)
3.7 Security Considerations
69(2)
3.8 Related Work
71(2)
3.9 Conclusions
73(4)
References
74(3)
4 Compiler-Generated Software Diversity
77(22)
Todd Jackson
Babak Salamat
Andrei Homescu
Karthikeyan Manivannan
Gregor Wagner
Andreas Gal
Stefan Brunthaler
Christian Wimmer
Michael Franz
4.1 Introduction and Motivation
77(3)
4.2 Multi-Variant Execution
80(6)
4.3 Massive-Scale Software Diversity
86(3)
4.4 Diversification Techniques
89(7)
4.5 Conclusions
96(3)
References
97(2)
5 Symbiotes and defensive Mutualism: Moving Target Defense
99(10)
Ang Cui
Salvatore J. Stolfo
5.1 Introduction
99(1)
5.2 Related Work
100(2)
5.3 The Symbiote/Host Relationship
102(7)
References
107(2)
6 Manipulating Program Functionality to Eliminate Security Vulnerabilities
109(8)
Martin Rinard
6.1 Introduction
109(1)
6.2 Input Rectification
110(1)
6.3 Functionality Excision
111(1)
6.4 Functionality Replacement
111(1)
6.5 Loop Perforation
112(1)
6.6 Dynamic Reconfiguration via Dynamic Knobs
112(1)
6.7 Observed Invariant Enforcement
112(1)
6.8 Cyclic Memory Allocation
113(1)
6.9 Failure-Oblivious Computing
113(1)
6.10 Conclusion
113(4)
References
114(3)
7 End-to-End Software Diversification of Internet Services
117(14)
Mihai Christodorescu
Matthew Fredrikson
Somesh Jha
Jonathon Giffin
7.1 Introduction
118(1)
7.2 Running Example
119(4)
7.3 End-to-End Diversification of a Software Stack
123(3)
7.4 First Technical Challenge: Impact on Security
126(1)
7.5 Second Technical Challenge: Impact on Software Development
127(1)
7.6 Third Technical Challenge: Impact on Runtime Performance
128(1)
7.7 Fourth Technical Challenge: Impact on Deployment
129(1)
7.8 Conclusion and Open Problems
129(2)
References
130(1)
8 Introducing Diversity and Uncertainty to Create Moving Attack Surfaces for Web Services
131(22)
Yih Huang
Anup K. Ghosh
8.1 Introduction
132(5)
8.2 Web Programming Practices with MAS
137(1)
8.3 Opportunities for Diversification
138(7)
8.4 Management Complexity
145(1)
8.5 The Need for New Metrics
146(1)
8.6 Related Work
147(2)
8.7 Conclusion
149(4)
References
149(4)
9 Toward Network Configuration Randomization for Moving Target Defense
153(8)
Ehab Al-Shaer
9.1 Introduction
153(2)
9.2 MUTE Approach
155(3)
9.3 MUTE Research Challenges
158(3)
References
159(2)
10 Configuration Management Security in Data Center Environments
161
Krishna Kant
10.1 Introduction
161(1)
10.2 Configuration Management Basics
162(5)
10.3 Security of Configuration Management Data
167(5)
10.4 Securing Configuration Management Data
172(3)
10.5 Challenges in Securing Configuration Management
175(5)
10.6 Conclusions
180
References
180