A team of researchers from the U.S. Army Research Laboratory, the University of Canterbury in New Zealand and the Gwangju Institute of Science and Technology in the Republic of Korea have taken a step toward the development of moving target defense techniques in software-defined networks. This is a demanding cybersecurity research topic, scientists said.
This collaboration grew out of efforts of ARL researchers Dr. Jin-Hee Cho (now at Virginia Tech in the Department of Computer Science), Dr. Terrence J. Moore and Dr. Frederica Nelson reaching out to researchers in Asia Pacific regions through the international collaborative program administrated by the U.S. Army International Technology Center-Pacific.
Cyberattacks on computer systems are becoming more common. Any company with information on a computer system connected to the internet might become a victim from someone or some group who wants to steal or destroy the company's data for their own use, or for ransom.
This is possible because of the way the Internet is set up, researchers said. In order to access content on a website, a computer needs to know where to ask for the information. Websites have an address, what is known as an internet protocol, or IP, address; however, these are not just used for websites. Every computer connected to the internet has an IP address.
Cyber attackers have time to discover the IP addresses of the computers they think might have valuable information and attack them using code that is more commonly known as computer viruses or worms.
If the computer or system being attacked has a security system, such as a firewall or anti-virus software, it might be able to recognize some code as being bad and prevent itself from being infected.
What cyber attackers do is slightly modify their bad code so it is not recognized until the computer's security system is updated or patched.
The First VR Headset came out in the 1960’s. Coined as the “Telesphere Mask” by inventor Morton Heilig. This device features stereoscopic (3-D) TV, wide vision and true stereo sound.
Essentially, the typical defensive response to these attacks is passive, the researchers said. The attackers have time to prepare, plan and execute their attacks, whereas the potential victims are left reacting only after an intruder breaks into a computer system.
Recently, a new proactive type of defense is being considered to protect important information in computer systems. This approach is known as moving target defense, or MTD.
"The concept of MTD has been introduced with the aim of increasing the adversary's confusion or uncertainty by dynamically changing the attack surface, which consists of the reachable and exploitable vulnerabilities," Cho said. "MTD can lead to making the adversary's intelligence gained from previous monitoring no longer useful and accordingly results in poor attack decisions."
The basic idea as it applies to IP addresses on computer networks is this: Change the IP address of the computer frequently enough so the attacker loses sight of where his victim is; however, this can be expensive, so the approach taken by the researchers in the collaboration here uses something known as software-defined networking.
This lets computers keep their real IP addresses fixed, but masks them from the rest of the internet with virtual IP addresses that are frequently changing.
Moore added that as the adage suggests, it is harder to hit a moving target.
"MTD increases uncertainty and confuses the adversary, as time is no longer an advantage," Moore said. "The adversary has to expend more resources, such as time and/or computational power, to discover vulnerabilities of a target system, but will experience more difficulty in exploiting any vulnerabilities found in the past since their location or accessibility is constantly changing."
According to Professor Hyuk Lim at GIST in the Republic of Korea, this proactive defense approach provides defense services before attackers get into a target system.
"Taking actions proactively requires extra overhead to add another layer of defense strength," Kim said. "Hence, deploying the proactive defense and security mechanisms is not for free, but brings a cost because the system needs to constantly change the attack surface such as IP addresses. This cost can be mitigated to some extent by leveraging the technology called 'Software-Defined Networking'. The SDN technology provides highly efficient programmatic and dynamic management of the network policy by removing the network control from individual devices in a network to a centralized controller. The network configuration can be defined by the SDN controller, enabling more reliable and responsive network operations under variable conditions."
The First Computer Virtual and Augmented Reality Headset – The ‘Ultimate Display’ Concept and the Sword of Damocles. If we could name one person as the father of Virtual and Augmented Reality headsets as we know them today, it would without a doubt be Ivan Sutherland. In the 1960s, he described the concept of the ‘Ultimate Display’ that would be able to stimulate reality to a point that the viewer would not be able to tell the difference between the virtual and the real world. His concept included a head-mounted display with 3D sound and tactile feedback, a computer that would create and maintain the virtual world through this device and the ability of a user to interact with objects from the virtual world in a realistic manner. Sutherland later created the first VR/AR head-mounted display, which was connected to a computer and not a camera, known as the Sword of Damocles. However, the contraption he made was too heavy for a person to wear comfortably on their head, so the device had to be suspended from the ceiling. Furthermore, the computer generated graphics were too primitive with wireframe rooms and objects.
Nelson explained the reason why these SDN-based MTD techniques are critical to supporting the vision of the Army and warfighters.
"The key technology of SDN-based MTD techniques, under development by the research team, is highly relevant to support the warfighters' mission execution by proactively thwarting potential attacks, which can protect the defense system so that the warfighters can properly execute the mission in the presence of highly dynamic, hostile and innovative adversaries within contested tactical environments," Nelson said.
The UC team in New Zealand led the effort of developing the MTD technology called the Flexible Random Virtual IP Multiplexing, namely FRVM.
"In FRVM, while the real IP address of a server-host remains unchanged but stays hidden, a virtual IP address of the server-host keeps being randomly and periodically changed where the IP mapping/remapping (i.e., called multiplexing/demultiplexing) is performed by an SDN controller," said Dilli P. Sharma, a doctoral student in Prof. DongSeong Kim's cybersecurity research group at UC, New Zealand. "This effectively forces the adversary to play the equivalent of an honest shell game. However, instead of guessing among three shells (IP addresses) to find a pea (a running network service), the adversary must guess among 65,536 shells, given address space2^16. This MTD protocol is novel because it provides high flexibility to have multiple, random, time-variant IP addresses in a host, which implies the adversary will require more time to discover an IP address of the target host."
In this research, the team formulated the architecture and communication protocols for the proposed IP (de)multiplexing-based MTD to be applied in SDN environments.
The team also validated the effectiveness of the FRVM under various degrees of scanning attacks in terms of the attack success probability.
The preliminary results evaluating the FRVM were presented at the 17th Institute of Electrical and Electronics Engineers International Conference on Trust, Security and Privacy in Computing and Communications, or TrustCom'18, held in New York in August.
"Our next step is to study the trade-off in the FRVM between the dual conflicting goals of system security and performance, as proactive defense may introduce adverse effects when running MTD techniques while achieving enhanced security," Kim said.
DP Sharma, D-S Kim, S Yoon, H Lim, J-H Cho, TJ Moore, "FRVM: Flexible random virtual ip multiplexing in software-defined networks," 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications, New York City, July 31- August 3, 2018, p. 579-587.
Its not just about the fun and games. Other than providing action-packed, fun-filled entertainment for the entire family, VR plays a big role to help humanity as developers use it to help those in need in ways that were unimaginable 20 years ago. Some use it to cure phantom pain among amputee victims, while others rely on VR to provide therapy for soldiers suffering from post-traumatic stress disorder. VR has also been proven to help children with autism by teaching them social cues and real world lessons. It is being used as a practice board for surgical students before they make the first cut. There is even a VR content targeted at young adults that simulates their physical condition when they get to their 60s, and thus encourages them to save for the future.
Sharma DP, Kim DS, Yoon S, Lim H, Cho JH, Moore TJ. FRVM: Flexible Random Virtual IP Multiplexing in Software-Defined Networks. arXiv preprint arXiv:1807.09343. 2018 Jul 18.