Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Moving target defence: Economics and asymmetry
Cyber Security: A Peer-Reviewed Journal,
3
(4),
294-307
(2020)
Abstract
In cyberspace, warfare is asymmetric. It takes only a small army of well-trained hackers to inflict major damage on a much larger adversary. Ironically, the inequity stems from standardisation. When bad actors find a vulnerability in a popular application or operating system, they can exploit it on millions of systems, yielding exponential reward for linear effort. The hacker’s advantage, then, is economic rather than technical. Unless and until we reverse this dynamic, the adversary will have the advantage. Moving target defence (MTD), also called polymorphic defence, has the potential to diminish the enemy’s asymmetric advantage. This paper surveys the major MTD technologies currently on the market and under development, with special attention to dynamic runtime environments. In particular, it explores how each technology might reverse, or at least mitigate, the economic leverage the enemy now exerts when discovering and exploiting vulnerabilities.
Keywords: moving target defence (MTD); polymorphic; address space layout randomisation (ASLR); instruction set randomisation (ISR); attack surface; honeypot; honeynet; diversity
The full article is available to subscribers to the journal.
Author's Biography
Don Maclean is Chief Cybersecurity Technologist for DLT – A Tech Data Company and formulates and executes cyber security portfolio strategy, speaks and writes on security topics and socialises his company’s cyber security portfolio. Don has nearly 30 years’ experience working with US Federal agencies. Before joining DLT in 2015, Don managed security programmes for numerous US Federal agencies, including the Department of Justice (DOJ), Department of Labor (DOL), Federal Aviation Administration (FAA), Federal Bureau of Investigation (FBI) and the Treasury Department. This experience allowed him to observe the strengths and limitations of traditional cyber security defences, leading to his interest in innovative technologies such as those featured in this paper. In addition to his CISSP, PMP and CCSK certificates, Don holds a BA in music from Oberlin, an MS in information security from the Brandeis Rabb School, and is a recipient of the FedScoop 50 award for industry leadership. An avid musician, Don organises a concert for charity every year, and has been known to compete in chess and Shogi (Japanese chess) tournaments, both in person and online.
