New cyber technology develops moving target defense

By CHRISTIAN SEREMETIS | September 13, 2018

B8_cybertech

 

Public Domain

The moving Target Defense system can protect consumers from hackers.

It seems that every day a new online privacy breach or cyber attack is underway. From Facebook’s scandal with Cambridge Analytica and the proliferation of fake news to the alleged Russian meddling in the 2016 presidential election, today’s news demonstrates the destructive power that modern hackers possess. 

In the fight against these online attackers, a new technology has emerged: moving target defense (MTD) creates a remote IP address that represents a consumer’s computer online, which is changed every few minutes to keep potential assailants from launching premeditated attacks.

Liken an IP address to the address of a home. Although the home may be protected by fences, locks or home security systems, simply knowing the location of the home makes it easy for burglars to scout for vulnerabilities in the house’s security to break and enter undetected. 

It is for this reason that victims of cyber attacks are often at a disadvantage when compared to their adversaries. 

Hackers collect a potential victim’s IP address and hold on to it as they plan their attacks. MTD removes this ability to plan attacks in advance, thus putting online predators on an even playing field as their prey. 

Jin-Hee Cho, a researcher at Virginia Tech who works alongside the U.S. Army Research Laboratory, explained the ultimate goal that MTD aims to accomplish.

“The concept of MTD has been introduced with the aim of increasing the adversary’s confusion or uncertainty by dynamically changing the attack surface, which consists of the reachable and exploitable vulnerabilities,” Cho said in a press release.

In their confusion, hackers are likely to make mistakes and may lose hold of the security vulnerabilities they planned to leverage as a means of planting viruses.

On the subject of viruses, when combined with existing virus detection software, MTD becomes even more powerful by creating a computer that can change its remote IP address as it detects a security breach. 

Current virus protection applications such as McAfee Livesafe, Sophos Antiviru and Windows Defender search for suspicious software packages and catch them before they can cause serious damage. 

A team of researchers from the University of Alabama has found that by combining these techniques with MTD, it is possible to classify a user’s online activity as either “normal,” “suspicious” or “malicious” and change their remote IP address accordingly. IP addresses that are classified as “suspicious” are blacklisted and taken offline permanently.

Compared to more innovative modern security measures such as the use of virtual private networks (VPNs), MTD still triumphs as a more powerful piece of technology. 

VPNs work by wrapping your computer’s IP address in a “private network” that insulates your data from potential adversaries who lurk in public networks. It is not uncommon for criminals to shut down public wifi networks and set up fake alternatives, giving them access to all the data that is shared on that fake network. 

VPNs give users the ability to access their data in a private setting that shares data remotely through public networks. While this is much safer than browsing the web unprotected, VPNs still contain security vulnerabilities because of their interactions with public outlets. In the case of a security breach, the user’s IP address is still at risk. MTD, in comparison, cannot possibly compromise a user’s IP address since the computer’s built-in IP address is completely untouchable over the internet.

It is no surprise that Army researchers are investigating MTD systems. Tasked with protecting some of the United States’ most sensitive information, members of the U.S. military and National Security Agency are turning toward MTD to safeguard public resources against potential hostiles. 

“In the current environment, information technology systems are built to operate in a relatively static configuration. This static approach is a legacy of information technology systems designed for simplicity in a time when malicious exploitation of system vulnerabilities was not a concern,” the Department of Homeland Security wrote on their website.

It is time to develop technologies that can adapt to an unpredictable online environment, and MTD may be an enormous step toward progress.

Comments powered by Disqus

Please note All comments are eligible for publication in The News-Letter.