Moving Target Defense Considerations in Real-Time Safety- and Mission-Critical Systems

Author(s): Nathan Burow, Ryan Burrow, Roger Khazan, Howard Shrobe, Bryan C. Ward

2016
Author(s): Amr Abed

Linux containers are gaining increasing traction in both individual and industrial use, and as these containers get integrated into mission-critical systems, real-time detection of malicious cyber attacks becomes a critical operational requirement. This paper introduces a real-time host-based intrusion detection system that can be used to passively detect malfeasance against applications within Linux containers running in a standalone or in a cloud multi-tenancy environment. The demonstrated intrusion detection system uses bags of system calls monitored from the host kernel for learning the behavior of an application running within a Linux container and determining anomalous container behavior. Performance of the approach using a database application was measured and results are discussed.


2021, Vol 2021, pp. 1-17
Author(s): Xiaoyu Xu, Hao Hu, Yuling Liu, Hongqi Zhang, Dexian Chang

A scanning attack is normally the first step of many other network attacks, such as DDoS and propagation worms. Because of their easy implementation and high returns, scanning attacks, especially cooperative scanning attacks, are widely used by hackers and have become a serious threat to network security. In order to defend against scanning attacks, this paper proposes adaptive IP hopping in a software-defined network for moving target defense (MTD). In order to respond accurately to the attacker’s behavior in real time, a lightweight convolutional neural network (CNN) detector composed of three convolutional modules and a judgment module is proposed to sense scanning attacks. The input data of the detector is generated via designed packet sampling and data preprocessing. The detection result of the detector is used to trigger IP hopping. In order to provide some fault tolerance for the CNN detector, IP hopping can also be triggered by a preset timer. The CNN-driven adaptability is applied to a three-level hopping strategy so that the MTD system optimizes its behavior according to real-time attacks. Experiments show that, compared with existing technologies, our proposed method can significantly improve the defense effect in mitigating scanning attacks and the subsequent attacks that are based on a hit list. The hopping frequency of the proposed method is also lower than that of other methods, so the proposed method shows lower system overhead.

