
Moving Target Defenses in the Helix Self-Regenerative Architecture

  • Conference paper
Moving Target Defense II

Abstract

In this chapter we describe the design, development and application of the Helix Metamorphic Shield (HMS). The HMS (1) continuously shifts the program’s attack surface in both the spatial and temporal dimensions, and (2) reduces the program’s attack surface by applying novel evolutionary algorithms to automatically repair vulnerabilities. The symbiotic interplay between shifting and reducing the attack surface results in the automated evolution of new program variants whose quality improves over time.


Notes

  1. http://www.mozilla.org/security/bug-bounty.html $3,000/bug

  2. http://blog.chromium.org/2010/01/encouraging-more-chromium-security.html $500/bug

  3. http://www.computerworld.com/s/article/9179538/Google_calls_raises_Mozilla_s_bug_bounty_for_Chrome_flaws

  4. http://www.tarsnap.com/bugbounty.html

  5. http://aws.amazon.com/ec2/instance-types/

  6. These August–September 2011 prices summarize CPU, storage and I/O charges; http://aws.amazon.com/ec2/pricing/


Acknowledgements

This research is supported by National Science Foundation (NSF) grant CNS-0716446, the Army Research Office (ARO) grant W911-10-0131, the Air Force Research Laboratory (AFRL) contract FA8650-10-C-7025, and DoD AFOSR MURI grant FA9550-07-1-0532. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the NSF, AFRL, ARO, DoD, or the U.S. Government.

Author information


Correspondence to Claire Le Goues.


Copyright information

© 2013 Springer Science+Business Media New York

About this paper

Cite this paper

Goues, C.L. et al. (2013). Moving Target Defenses in the Helix Self-Regenerative Architecture. In: Jajodia, S., Ghosh, A., Subrahmanian, V., Swarup, V., Wang, C., Wang, X. (eds) Moving Target Defense II. Advances in Information Security, vol 100. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-5416-8_7


  • DOI: https://doi.org/10.1007/978-1-4614-5416-8_7


  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4614-5415-1

  • Online ISBN: 978-1-4614-5416-8

  • eBook Packages: Computer Science (R0)
