Effectiveness of Moving Target Defenses

  • Chapter
Moving Target Defense

Part of the book series: Advances in Information Security (ADIS, volume 54)

Abstract

Moving target defenses have been proposed as a way to make it much more difficult for an attacker to exploit a vulnerable system by changing aspects of that system to present attackers with a varying attack surface. The hope is that constructing a successful exploit requires analyzing properties of the system, and that by the time an attacker has learned those properties, constructed the exploit, and is ready to launch it, the system will have changed enough to disrupt the exploit’s functionality. This is a promising and appealing idea, but its security impact is not yet clearly understood. In this chapter, we argue that the actual benefits of the moving target approach are in fact often much less significant than one would expect. We present a model for thinking about dynamic diversity defenses, analyze the security properties of a few example defenses and attacks, and identify scenarios where moving target defenses are and are not effective.



Author information

Corresponding author

Correspondence to David Evans.


Copyright information

© 2011 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Evans, D., Nguyen-Tuong, A., Knight, J. (2011). Effectiveness of Moving Target Defenses. In: Jajodia, S., Ghosh, A., Swarup, V., Wang, C., Wang, X. (eds) Moving Target Defense. Advances in Information Security, vol 54. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-0977-9_2

  • DOI: https://doi.org/10.1007/978-1-4614-0977-9_2

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4614-0976-2

  • Online ISBN: 978-1-4614-0977-9

  • eBook Packages: Computer Science, Computer Science (R0)
