Space systems provide many critical functions to the military, federal agencies, and infrastructure networks. Nation-state adversaries have shown the ability to disrupt critical infrastructure through cyber-attacks targeting systems of networked, embedded computers. Moving target defenses (MTDs) have been proposed as a means for defending various networks and systems against potential cyber-attacks. MTDs differ from many cyber resilience technologies in that they do not necessarily require detection of an attack to mitigate the threat. We devised a MTD algorithm and tested its application to a real-time network. We demonstrated MTD usage with a real-time protocol given constraints not typically found in best-effort networks. Second, we quantified the cyber resilience benefit of MTD given an exfiltration attack by an adversary. For our experiment, we employed MTD which resulted in a reduction of adversarial knowledge by 97%. Even when the adversary can detect when the address changes, there is still a reduction in adversarial knowledge when compared to static addressing schemes. Furthermore, we analyzed the core performance of the algorithm and characterized its unpredictability using nine different statistical metrics. The characterization highlighted the algorithm has good unpredictability characteristics with some opportunity for improvement to produce more randomness.
This report highlights overall design consideration regarding automation and database collection and extrapolation prototype for Farmpod, LLC. There are potentially many combinations of software, hardware, and networking which suffices for the requirements. For this report, we suggest a Raspberry Pi 2 Model B for the hardware. We suggest the Mako application server for the user interface and RPIO python modules for automated software processes. At the present moment, security is not a major concern, but should be addressed during the initial design phase. The software stack consists of two primary components: the automated processes and application server to implement a user interface.
As the field of determined and increasingly sophisticated adversaries multiplies, the risk to integrity of deployed computing devices magnifies. Given the ubiquitous connectivity, substantial storage, and accessibility, the increased reliance on computer platforms make them a significant target for attackers. Over the past decade, malware has transitioned from attacking a single program to subverting the operating system (OS) kernel by means of what is commonly known as a rootkit. While computer systems require patches to fix newly discovered vulnerabilities, undiscovered vulnerabilities remain Furthermore, typical solutions utilize mechanisms that operate within the OS. If the OS becomes compromised, these mechanisms may be vulnerable to being disabled or upon detection of the potential compromise, being "shut down" until patched or otherwise mitigated. We propose an innovative approach to designing computer systems that allows the behavior or functionality of the computer system to change based on the integrity of the system. Instead of attempting to prevent or detect all malware attacks, our proposed approach allows possible graceful degradation of functionality according to the security policy specification as anomalies of security concern are detected. We believe this innovative paradigm can determine the "integrity lever of the system. Based on the integrity level, the computer system may behave differently or limit access to data.