'Moving target' computer security eyed

May 10, 2012 at 5:57 PM
share with facebook
share with twitter

MANHATTAN, Kan., May 10 (UPI) -- Self-adapting computer networks that automatically change their setup and configuration could defend themselves against hackers, U.S. computer scientists say.

Kansas State University cybersecurity experts have been awarded a five-year grant of more than $1 million from the Air Force Office of Scientific Research to study whether this type of adaptive cybersecurity, called moving-target defense, can be effective, the university reported Thursday.

Scott DeLoach and Xinming "Simon" Ou, professors of computing and information sciences, and a research team will develop a set of analytical models to determine the effectiveness of a moving-target defense system.

Such a system is based on the concept of a computer network that automatically and periodically randomizes its configuration through various methods -- such as changing the addresses of software applications on the network, switching between instances of the applications and changing the location of critical system data -- to thwart cyberattacks.

The key, DeLoach and Ou said, is to make the network appear to an attacker to be changing chaotically while to an authorized user the system operates normally.

Creating a moving-target defense system would shift the power imbalance that currently favors hackers -- who need only find a single security hole to exploit -- back to network administrators who would have a system that frequently removes whatever security privileges attackers may gain with a new clean slate, the researchers said.

Related UPI Stories
Trending Stories