Third ACM Workshop on Moving Target Defense (MTD 2016)
In conjunction with the 23rd ACM Conference on Computer and Communications Security (CCS)

Venue: MTD 2016 will be held on the first
day of the 23rd ACM CCS (Conference on Computer and Communications Security,
October 24-28, 2016) at the Hofburg Palace, Vienna, Austria.

Background: The static nature of current
computing systems has made them easy to attack and harder to defend. Adversaries
have an asymmetric advantage in that they have the time to study a system,
identify its vulnerabilities, and choose the time and place of attack to gain
the maximum benefit. The idea of moving-target defense (MTD) is to impose the
same asymmetric disadvantage on attackers by making systems dynamic and
therefore harder to explore and predict. With a constantly changing system
and its ever adapting attack surface, attackers will have to deal with a
great deal of uncertainty just like defenders do today. The ultimate goal of
MTD is to increase the attackers’ workload so as to level the cybersecurity
playing field for both defenders and attackers - hopefully even tilting it in
favor of the defender.

Workshop Goals: This workshop seeks to bring
together researchers from academia, government, and industry to report on the
latest research efforts on moving-target defense, and to have productive
discussion and constructive debate on this topic. We solicit paper and system
demo submissions on original research in the broad area of MTD, with possible
topics such as those listed below. Since MTD research is still in its nascent
stage, the list should only be used as a reference. We welcome all works that fall under the
broad scope of moving target defense, including research that shows negative
results.

· System randomization
· Artificial diversity
· Cyber maneuver
· Bio-inspired defenses
· Dynamic network configuration
· Moving target in the cloud
· System diversification techniques
· Dynamic compilation techniques
· Adaptive defenses
· MTD quantification methods and models
· Large-scale MTD (using multiple techniques)
· Moving target in software coding, application APIs virtualization
· Autonomous technologies for MTD
· Theoretic study on modeling trade-offs of using MTD approaches
· Human, social, and psychology aspects of MTD
· Other related areas

Paper submissions: Submitted papers must not
substantially overlap papers that have been published or that are simultaneously
submitted to a journal or a conference with proceedings. Submissions should
be at most 10 pages in the ACM double-column format, excluding well-marked
appendices, and at most 12 pages in total. Submissions are not required to be
anonymized.

System demo submissions: Each accepted system demo must be
demonstrated on site by a registered workshop attendee; then a 2-page
description can be included in the proceedings. System demo submissions
should be at most 2 pages in the ACM double-column format, excluding
well-marked appendices, and at most 4 pages in total. Submitted system demos
must not substantially overlap system demos that have been published or that
are simultaneously submitted to another conference with proceedings.
Submissions are not required to be anonymized.

Submission web site: Both paper and system demo
submissions are to be made to the submission web site at https://easychair.org/conferences/?conf=mtd20160.
Only PDF files will be accepted. Submissions not meeting these guidelines
risk rejection without consideration of their merits. Papers must be received
by the deadline of July 27, 2016 to be considered. Notification of acceptance
or rejection will be sent to authors by September 5, 2016. Authors of
accepted papers must guarantee that one of the authors will register and
present the paper at the workshop. Proceedings of the workshop will be
available on a CD to the workshop attendees and will become part of the ACM
Digital Library.

Contact: Peng Liu and Cliff Wang, MTD 2016 Program Chairs, mtd2016-0@easychair.org

· Paper submission due: July 27, 2016 [FIRM]
· Notification to authors: September 5, 2016
· Camera ready due: September 12, 2016
· Workshop date: October 24, 2016

Title: A Cyber Mutation: Metrics, Techniques and Future Directions

Abstract:
After decades of cyber warfare, it is well-known that the static and
predictable behavior of cyber configuration provides a great advantage to
adversaries to plan and launch their attack successfully. At the same time,
as cyber-attacks are getting highly stealthy and more sophisticated, their
detection and mitigation become much harder and more expensive. We developed a new
foundation for moving target defense (MTD) based on cyber mutation, as a new
concept in cybersecurity to reverse this asymmetry in cyber warfare by
embedding agility into cyber systems. Cyber mutation enables cyber systems to
automatically change their configuration parameters in an unpredictable, safe and
adaptive manner in order to proactively achieve one or more of the following
MTD goals: (1) deceiving attackers from reaching their goals, (2) disrupting
their plans via changing adversarial behaviors, and (3) deterring adversaries
by prohibitively increasing the attack effort and cost.

In this talk, we will present the formal
foundations, metrics and framework for developing effective cyber mutation
techniques. The talk will also review several examples of developed
techniques including Random Host Mutation, Random Route Mutation,
fingerprinting mutation, and mutable virtual networks. The talk will also
address the evaluation and lessons learned for advancing the future research
in this area.

Bio: Dr. Ehab Al-Shaer is a Professor in Computer Science, the director of
the Cyber Defense and Network Assurability (CyberDNA)
Center, and the director of NSF IUCRC Center on Security Configuration
Analytics and Automation in UNC Charlotte. His area of research expertise
includes security analytics and automation, auto-resiliency, configuration
verification and hardening for enterprise and cloud computing, cyber agility
& moving target defense, security & resiliency of smart grid and IoT systems,
security & resiliency metrics, and next-generation intrusion detection.
Dr. Al-Shaer has edited/co-edited more than 9 books, and published about 190
refereed journal and conference papers in his area. He was designated as a
Subject Matter Expert (SME) in the area of security analytics and automation
in DoD Information Assurance Newsletter published in 2011. He received the
IBM Faculty Award in 2012. He was the General Chair of ACM Computer and
Communication in 2009 and 2010 and NSF Workshop in Assurable and Usable
Security Configuration in 2008. Dr. Al-Shaer was also the PC chair for many
other conferences and workshops including ACM/IEEE SafeConfig 2009 and 2013,
IEEE Integrated Management 2007, IEEE POLICY 2008, and others. Since he
joined UNC Charlotte in 2009, Dr. Al-Shaer has received a total research
funding of more than $8M from various government and industry sources
including NSF, NSA, AFRL, ARO, Duke Energy, IBM, Bank of America, Wells
Fargo, BB&T, RTI, DTCC and others.

Title: Moving Target Defense – A Journey from Idea to Product

Abstract: Today’s enterprise networks are
“sitting ducks” waiting for attackers to exploit them. To a determined
attacker, there are many ways to get inside an enterprise network, bypass any
current protection technologies, and attack the intended targets. Innovations
in cyber security technology are needed that go beyond what the current state
of the art has to offer. As
part of the research and development community, we have participated in
developing such innovative technologies providing moving target defense
capabilities to enterprise networks. In particular, the Self-shielding
Dynamic Network Architecture (SDNA) technology (currently known as CryptoniteNXT) dynamically alters an enterprise network’s
appearance and behavior to stop cyber-attacks, including zero-day and
targeted advanced persistent threats, while maintaining transparency to the
user, application, and operating system. SDNA prevents an attacker from
targeting, entering, or spreading through an enterprise network by adding
dynamics that present a changing view of the network over space and time. If
an attacker gains a foothold inside the enterprise network, for example, a
malicious insider or a host compromised by a phishing attack, SDNA limits the
attacker’s ability to spread and operate by constraining each host to an
abstract, modified, and obfuscated view of the network. SDNA
is a unique offering in that it is pro-active in its protection and that it
does not depend on continuous intervention from the Information Technology
(IT) department to maintain a secure environment. Based on the significant market potential
of SDNA and excellent test results, we have spun off this technology as a
separate company to raise commercial investment for product launch,
marketing, sales, etc. It is anticipated that the matured SDNA products will
greatly enhance the cyber security posture and reduce cyber security
associated damage costs in a wide range of commercial and government sectors.
In
this invited talk, Dr. Jason Li will describe the SDNA/CryptoniteNXT
technology, its lifetime from inception to maturity, as well as lessons
learned through the exciting journey of research, development, maturation,
security testing/red teaming, and productization.

The cyber moving target
(MT) approach has been identified as one of the game-changing themes to
rebalance the cyber landscape in favor of defense. MT techniques make cyber
systems less static, less homogeneous, and less deterministic in order to
create uncertainty for attackers. Although many MT techniques have been
proposed in the literature, little has been done to evaluate their
effectiveness, benefits, and weaknesses. In this talk, we describe the status
quo in MT prototyping and evaluation and provide recommendations for a more
systematic approach in designing and implementing more effective MT defenses.