Kang, Ki-Wan (Dept. of Information Security, and Convergence Engineering for Intelligent Drone, Sejong University)
Seo, Jung Taek (Department of Computer Engineering, Gachon University)
Baek, Sung Hoon (Department of Computer System Engineering, Jungwon University)
Kim, Chul Woo (LG CNS)
Park, Ki-Woong (Dept. of Information Security, and Convergence Engineering for Intelligent Drone, Sejong University)
In recent years, container techniques have been broadly applied to cloud computing systems to maximize their efficiency, flexibility, and economic feasibility. Concurrently, studies have also been conducted to ensure the security of cloud computing. Among these, moving-target defense techniques that exploit the high agility and flexibility of cloud-computing systems are gaining attention. Moving-target defense (MTD) prevents various security threats in advance by proactively changing the main attributes of the protected target to confuse the attacker. However, an analysis of existing MTD techniques revealed that, although they can deceive attackers, they have practical limitations when applied to an actual cloud-computing system: resource wastage, management complexity caused by additional function implementation and system introduction, and a potential increase in attack complexity. Accordingly, this paper proposes a software-defined MTD (SD-MTD) system that can flexibly apply and manage existing and future MTD techniques. The proposed SD-MTD system is designed to correctly define a valid mutation range and cycle for each moving-target technique and to monitor system-resource status in a software-defined manner. Consequently, the proposed method can flexibly reflect the requirements of each MTD technique without additional hardware. Moreover, the problem of increased attack complexity can be addressed by applying multiple MTD techniques in combination.
The MTD is therefore employed to secure the service modules. To verify the proposed SD-MTD system, the study implements it in front of an Apache web service of the kind operated in actual cloud-computing systems.

Performance/Effect
Cloud computing systems, with their high agility and flexibility, have enabled the implementation of various MTD techniques. An analysis of existing MTD techniques, however, showed that although each technique can deceive attackers, they have limitations when applied to an actual cloud-computing system: wasted resources, management complexity caused by additional function implementation and system introduction, and increased attack complexity.

These limitations of existing MTD techniques were derived before the SD-MTD system proposed in this study was designed and implemented. The SD-MTD system requirements were then derived, and the system was designed and implemented against them. First, for flexible management, the administrator can monitor the system-resource status in real time through the implemented dashboard and configure a valid mutation range and mutation cycle for each MTD technique. Second, when multiple MTD techniques are deployed together, the economic feasibility of the cloud computing system suffers because each technique has different requirements; a software-defined approach was therefore used to accommodate those requirements flexibly. Third, an MTD has limits against increased attack complexity because system resources are finite; this limitation is addressed by applying multiple MTD techniques.

The SD-MTD system consists of SD-MTD dashboard, SD-MTD orchestrator, SD-MTD agent, and SD-MTD connector modules. The administrator first selects, on the SD-MTD dashboard, the MTD technique for the service to be protected and then defines its valid mutation range and mutation cycle. The SD-MTD orchestrator module verifies that a valid range of mutation elements has been defined through the dashboard and creates a mutation list. The SD-MTD agent and SD-MTD connector modules sit between the services provided by the cloud computing system and the authorized service user; they obfuscate the communication according to the mutation list transmitted from the SD-MTD orchestrator module and the mutation cycle configured on the SD-MTD dashboard.

Follow-up research
The SD-MTD system implemented in this study is expected to apply and manage both existing and future MTD techniques flexibly. In a follow-up study, we intend to apply context-aware techniques to control the MTD and to automate its application according to the service's security level in each situation.
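The abstract and the summary above both describe the same control flow: the administrator enters a valid mutation range and cycle on the dashboard, the orchestrator validates it and produces a mutation list, and the agent (service side) and connector (user side) apply that list in lockstep so an authorized user always reaches the service while an attacker's stale view of it goes out of date. The following is an added, runnable model of that flow written for this page; it is not the authors' SD-MTD code. The class names (MutationPolicy, Orchestrator, Endpoint), the port limits, the two technique names, the HMAC-based derivation of the mutation list from a shared secret, and the dashboard policies in POLICIES are all assumptions of this example.

```python
# Added example (not the paper's code): a minimal model of the SD-MTD flow
# dashboard policy -> orchestrator validation + mutation list -> agent/connector.
# Names, limits and the HMAC-keyed list derivation are assumptions of this example.
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class MutationPolicy:
    """One row the administrator enters on the SD-MTD dashboard (assumed shape)."""
    technique: str   # e.g. "port_hopping" or "path_mutation" (assumed names)
    low: int         # inclusive lower bound of the valid mutation range
    high: int        # inclusive upper bound of the valid mutation range
    cycle_s: int     # mutation cycle in seconds
    list_len: int = 16


class Orchestrator:
    """Checks that the dashboard defined a valid range and cycle, then derives
    the mutation list that is pushed to both the agent and the connector."""

    MAX_PORT = 65535
    FIRST_UNPRIVILEGED_PORT = 1024   # assumed platform limit

    def __init__(self, secret: bytes) -> None:
        self._secret = secret

    def validate(self, p: MutationPolicy) -> None:
        if p.cycle_s <= 0:
            raise ValueError(f"{p.technique}: cycle must be positive")
        if p.high - p.low + 1 < 2:
            raise ValueError(f"{p.technique}: range must hold at least 2 values")
        if p.technique == "port_hopping" and not (
            self.FIRST_UNPRIVILEGED_PORT <= p.low and p.high <= self.MAX_PORT
        ):
            raise ValueError("port_hopping: range must lie in 1024..65535")

    def mutation_list(self, p: MutationPolicy) -> List[int]:
        """Keyed with HMAC so the sequence is unpredictable without the secret,
        yet identical on every endpoint that receives the same list."""
        self.validate(p)
        span = p.high - p.low + 1
        values = []
        for i in range(p.list_len):
            tag = hmac.new(self._secret, f"{p.technique}:{i}".encode(),
                           hashlib.sha256).digest()
            values.append(p.low + int.from_bytes(tag[:4], "big") % span)
        return values


class Endpoint:
    """Logic shared by the SD-MTD agent (service side) and connector (user
    side): select the live value of each technique from the list by cycle."""

    def __init__(self, policies: Dict[str, MutationPolicy],
                 lists: Dict[str, List[int]]) -> None:
        self.policies = policies
        self.lists = lists

    def live(self, technique: str, now_s: int) -> int:
        p = self.policies[technique]
        slot = now_s // p.cycle_s
        return self.lists[technique][slot % p.list_len]

    def view(self, now_s: int) -> Tuple[int, ...]:
        """All live attributes at once, ordered by technique name."""
        return tuple(self.live(t, now_s) for t in sorted(self.policies))


def build_system(secret: bytes, policies: List[MutationPolicy]):
    """Dashboard -> orchestrator -> (agent, connector), mirroring the described flow."""
    orch = Orchestrator(secret)
    pol = {p.technique: p for p in policies}
    lists = {p.technique: orch.mutation_list(p) for p in policies}
    return Endpoint(pol, lists), Endpoint(pol, lists)   # agent, connector


def stale_replay_hits(agent: Endpoint, learned_at_s: int,
                      steps: int, step_s: int) -> int:
    """An attacker recorded the live attributes at learned_at_s and replays
    them every step_s seconds. Count the steps on which they still match."""
    stale = agent.view(learned_at_s)
    return sum(1 for k in range(steps)
               if agent.view(learned_at_s + k * step_s) == stale)


POLICIES = [   # constructed dashboard input, two techniques with different cycles
    MutationPolicy("port_hopping", 20000, 30000, cycle_s=30),
    MutationPolicy("path_mutation", 0, 999, cycle_s=120, list_len=8),
]

if __name__ == "__main__":
    agent, connector = build_system(b"demo-secret", POLICIES)
    for now in (0, 29, 30, 120):
        assert agent.view(now) == connector.view(now)   # authorized user keeps up
    print("stale replays that still reach the service:",
          stale_replay_hits(agent, 0, 64, 30), "of 64")
```

The two policies deliberately use different cycles: a replayed (port, path) pair is only accepted on the few steps where both techniques happen to return to the recorded values, which is the effect the summary attributes to combining multiple MTD techniques. The orchestrator's checks are the "valid mutation range" gate: a port range below 1024, an empty range, or a non-positive cycle never reaches the agent and connector.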