Ubiquitous cyber systems and their supporting infrastructure impact productivity and quality of life immensely. Their penetration into our daily lives increases the need for their enhanced resilience and for means to secure and protect them. One major threat is the software monoculture. Recent research has illustrated the danger of software monoculture and introduced diversity to reduce the attack surface. In this paper, we propose a biologically-inspired defense system, ChameleonSoft, that employs multidimensional software diversity to, in effect, induce spatiotemporal software behavior encryption and a moving target defense. The key principles are decoupling functional roles and runtime role players; devising intrinsically-resilient, composable, online-programmable building blocks; separating logic, state and physical resources; and employing functionally-equivalent, behaviorally-different code variants. Given our construction, ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. Nodes employing ChameleonSoft autonomously and cooperatively change their recovery and encryption policy both proactively and reactively according to the continual change in context and environment. In order to test the applicability of the proposed approach, we present a prototype of the ChameleonSoft Behavior Encryption (CBE) and recovery mechanisms. Further, using analysis and simulation, we study the performance and security aspects of the proposed system. This study aims to evaluate the provisioned level of security by measuring the level of induced confusion and diffusion to quantify the strength of the CBE mechanism. Further, we compute the computational cost of security provisioning and enhancing system resilience. A brief attack scenario is also included to illustrate the complexity of attacking ChameleonSoft. © 2011 ICST.
Azab, M., Hassan, R., & Eltoweissy, M. (2011). ChameleonSoft: A moving target defense system. In CollaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing (pp. 241–250). https://doi.org/10.4108/icst.collaboratecom.2011.247115