skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Evolutionary Drift Models for Moving Target Defense

Abstract

One of the biggest challenges faced by cyber defenders is that attacks evolve more rapidly than our ability to recognize them. We propose a moving target defense concept in which the means of detection is set in motion. This is done by moving away from static signature-based detection and instead adopting biological modeling techniques that describe families of related sequences. We present here one example for how to apply evolutionary models to cyber sequences, and demonstrate the feasibility of this technique on analysis of a complex, evolving software project. Specifically, we applied sequence-based and profile-based evolutionary models and report the ability of these models to recognize highly volatile code regions. We found that different drift models reliably identify different types of evolutionarily related code regions. The impact is that these (and possibly other) evolutionary models could be used in a moving target defense in which the "signature" being used to detect sequence-based behaviors is not a fixed signature but one that can recognize new variants of a known family based on multiple evolutionary models.

Authors:
; ;
Publication Date:
Research Org.:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1078012
Report Number(s):
PNNL-SA-90818
DOE Contract Number:  
AC05-76RL01830
Resource Type:
Conference
Resource Relation:
Conference: CSIIRW '12: Proceedings of the 8th Annual Cyber Security and Information Intelligence Research Workshop, October 30-November 2, 2012, Oak RIdge, Tennessee
Country of Publication:
United States
Language:
English

Citation Formats

Oehmen, Christopher S., Peterson, Elena S., and Teuton, Jeremy R. Evolutionary Drift Models for Moving Target Defense. United States: N. p., 2012. Web.
Oehmen, Christopher S., Peterson, Elena S., & Teuton, Jeremy R. Evolutionary Drift Models for Moving Target Defense. United States.
Oehmen, Christopher S., Peterson, Elena S., and Teuton, Jeremy R. Wed . "Evolutionary Drift Models for Moving Target Defense". United States.
@article{osti_1078012,
title = {Evolutionary Drift Models for Moving Target Defense},
author = {Oehmen, Christopher S. and Peterson, Elena S. and Teuton, Jeremy R.},
abstractNote = {One of the biggest challenges faced by cyber defenders is that attacks evolve more rapidly than our ability to recognize them. We propose a moving target defense concept in which the means of detection is set in motion. This is done by moving away from static signature-based detection and instead adopting biological modeling techniques that describe families of related sequences. We present here one example for how to apply evolutionary models to cyber sequences, and demonstrate the feasibility of this technique on analysis of a complex, evolving software project. Specifically, we applied sequence-based and profile-based evolutionary models and report the ability of these models to recognize highly volatile code regions. We found that different drift models reliably identify different types of evolutionarily related code regions. The impact is that these (and possibly other) evolutionary models could be used in a moving target defense in which the "signature" being used to detect sequence-based behaviors is not a fixed signature but one that can recognize new variants of a known family based on multiple evolutionary models.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2012},
month = {10}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share: