Annual Computer Security Applications Conference (ACSAC) 2014

Full Program »

Panel: Moving Target Defenses: Johnny Can't Secure, So He Moves

Thursday, 11 December 2014
13:30 - 15:00

Orleans A

Moderator: Dr. Hamed Okhravi, MIT Lincoln Laboratory



Moving target (MT) defenses has been identified by the White House and Networking and Information Technology Research and Development (NITRD) as one of the game-changing themes to re-balance the cyber landscape in favor of defense. MT techniques make cyber systems less static, less homogeneous, and less deterministic in order to create uncertainty for the attackers.

Although many MT techniques have been proposed in the literature, little has been done on evaluating their effectiveness, benefits, and weaknesses. Many important questions remain unanswered in this domain and researchers often have opposing views on these topics. Is movement a better strategy than traditional systems security defenses? How can we change the internals of a system to defend against attacks while maintaining its functionality? Are diversity and randomization effective defensive strategies? Is dynamics without randomization and diversity (e.g. rotating virtual machines) an effective defense? How much diversity is enough? Is moving target capable of changing the landscape, or is it just another bump in the road for the attackers? How can we expose complexity to attackers, but keep the operations and maintenance simple for the defender? What are the next steps to evaluate the effectiveness of moving target defenses?

The panel seeks to debate and discuss various viewpoints on these questions. The panelists, chosen from diverse sectors and backgrounds will advocate and provide their arguments for various viewpoints about MT defenses.

Position Statements


Powered by OpenConf®
Copyright©2002-2014 Zakon Group LLC