Attack Surface Mutation
Agency / Branch:
DOD / USAF
When attackers decide they are going to try to attack a network, the first task they set out to do is research. They research and gather information about the network and its structure for possible inclusion in a future attack. All of the research and information gathered will still be valid if the network structure remains static. The proposed Service Distributor (SerDis) will provide a framework to allow for the dynamic mutation of the network structure by relocating network services on the fly. The SerDis framework will allow for plug-ins to detect, mitigate, and respond to network scans and attacks automatically. Further, the same plug-in architecture will allow for the SerDis framework to be extended and protect against new and evolving future threats. With SerDis, a network can break free from its previous static nature and create a barrier to an attacker by creating a moving target. BENEFIT: With SerDis's ability to relocate key services within a network, the Global Information Grid's security, survivability, and adaptability will be greatly enhanced. Critical services will be moved to different machines in a timed fashion or as old machines are taken offline or compromised. In addition, the active network defense mechanisms built in to the SerDis framework will provide for the network's automated mutation and response and allow network administrators to better react to growing threats.
Small Business Information at Submission:
105 A Church Street Madison, AL 35758
Number of Employees: