Communications of the ACM
Shuffling May Be Best Cybersecurity Defense
Credit: iStockPhoto.com
A team of George Mason researchers proposes a "moving-target" defense against distributed denial-of-service attacks. The defense works by repeatedly shuffling client-to-server assignments to identify and eventually quarantine malicious clients.
Denial-of-service attacks, which work by overwhelming a target system thereby forcing it to shut down and deny service to legitimate users, are increasing in severity as assault methods become more sophisticated and attackers' goals more sinister. These types of attacks hit a record high in 2015 when they increased by as much as 132 percent over the previous year, according to Digital Trends.
"Our research is vital as a real-world solution to these attacks, which are one of the most critical cybersecurity threats today, crippling online businesses with downed websites, financial losses, and damaged client relationships," says Angelos Stavrou, who helped conduct the research and teaches in Mason's MS in Management of Secure Information Systems program.
The research on this innovative cybersecurity defense is starting to get industry recognition. The work is described in "On the Move: Evading Distributed Denial-of-Service Attacks," published in IEEE Computer magazine.
The graphic below shows a simple example of the shuffling or "moving target" defense. The protected system has two servers for normal operation, and each is under attack by a malicious client blended with legitimate clients (C1-C4). The "moving target" defense introduces two additional servers and repeatedly shuffles clients until only one server is being attacked.
Eventually, in a process that involves multiple servers and multiple rounds of shuffling, it is possible to identify and segregate the attackers. The system, even when under attack, will be available to most legitimate clients — preserving an organization's reputation, productivity, and revenue.
No entries found