Mimic defense: a designed-in cybersecurity defense framework

In recent years, both academia and industry in cyber security have tried to develop innovative defense technologies, hoping to change the rules of the game between attackers and defenders. The authors start by analysing the root causes of security problems in cyberspace: (i) vulnerabilities in cyber systems are universal; (ii) current cyber systems are static, predictable and monocultural, which allows adversaries to plan and launch attacks effectively; (iii) existing techniques cannot detect and eliminate attacks that employ unknown vulnerabilities. Based on their analysis, they develop a novel defense framework, mimic defense (MD), that employs a ‘dynamic, heterogeneity, redundancy (DHR)’ mechanism to defend against cyber attacks. The main ideas behind MD are: constructing diverse, functionally equivalent variants of the protected target; dynamically scheduling some of the variants to run in parallel; and adopting a policy-based arbitration mechanism to decide which of the currently running variants' results are correct. Theoretical analysis and simulation results show that DHR can significantly increase the difficulty for attackers and enhance the security of cyber systems, and the security enhancement can be more than tenfold. They also present a proof-of-principle prototype that employs MD, the mimic router, to examine its effectiveness. Finally, they discuss its limitations.
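The DHR loop described in the abstract, sketched as an added example that is not code from the paper: the five-variant pool and its flaw labels are constructed, and random scheduling and majority-vote arbitration are assumptions standing in for the paper's own policies.

```python
import random
from collections import Counter

# Constructed pool: variant name -> hypothetical flaw labels it carries.
VARIANTS = {"v1": {"flaw-A"}, "v2": {"flaw-A", "flaw-B"}, "v3": {"flaw-B"},
            "v4": {"flaw-C"}, "v5": set()}
BAD = "attacker-controlled"

def run_variant(name, request, exploit):
    """Functionally equivalent service; output is wrong only if the exploit
    matches a flaw this particular variant has."""
    return BAD if exploit in VARIANTS[name] else request.upper()

def schedule(rng, k):
    """Dynamic scheduling (assumed policy): a fresh random k-subset per request."""
    return rng.sample(sorted(VARIANTS), k)

def arbitrate(outputs):
    """Majority vote (assumed policy). Returns (result, dissenting variants);
    result is None when no output has a strict majority."""
    value, votes = Counter(outputs.values()).most_common(1)[0]
    if votes * 2 <= len(outputs):
        return None, sorted(outputs)
    return value, sorted(n for n, o in outputs.items() if o != value)

def serve(request, exploit, rng, k=3):
    outputs = {n: run_variant(n, request, exploit) for n in schedule(rng, k)}
    return arbitrate(outputs)

def attack_success_rate(exploit, k, trials=2000, seed=1):
    """Fraction of requests where the arbitrated answer is the attacker's."""
    rng = random.Random(seed)
    hits = sum(serve("ping", exploit, rng, k)[0] == BAD for _ in range(trials))
    return hits / trials

if __name__ == "__main__":
    for flaw in ("flaw-A", "flaw-B", "flaw-C"):
        print(flaw, "k=1:", attack_success_rate(flaw, 1),
              "k=3:", attack_success_rate(flaw, 3))
```

A flaw present in only one variant is always outvoted at k=3, while a flaw shared by a majority of the scheduled variants still wins the vote, which is why the heterogeneity of the pool matters as much as the redundancy.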

Inspec keywords: security of data

Other keywords: cyber attacks; cybersecurity defense framework; mimic router; dynamic-heterogeneity-redundancy mechanism; policy-based arbitration mechanism; innovative defense technologies; mimic defense; security enhancement; proof-of-principle prototype; DHR mechanism; security problems; diverse functional equivalent variants

Subjects: Data security

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2017.0086