ABSTRACT
Static system configuration provides the advantage for the attackers to discover the vulnerabilities of the system and launch attacks. Moving Target Defense (MTD) can break this asymmetry for the defenders by mutating certain configuration parameters proactively and at the same time maintaining the run-time correctness and operational integrity. MTD is essentially distributed by nature since the processes or actions in MTD are executed in an interleaved manner. For any distributed system, it is important to verify the correctness and integrity, since they may be jeopardized by design errors or run time inconsistencies. In this work we present a framework for formal verification of MTD techniques. We describe MTD techniques with formal ontology and model the system behaviors with timed automata, and verify the correctness, liveness, fairness and deadlock-free properties of the system. We use Random Host Mutation (RHM) as the case study or MTD formal verification. Our experimentation validates the feasibility and scalability of the formal verification framework.
- Ehab Al-Shaer, Qi Duan, and Jafar Haadi Jafarian. 2012. Random Host Mutation for Moving Target Defense. In SecureComm, Vol. 106. Springer, 310--327.Google Scholar
- Gerd Behrmann, Alexandre David, and Kim G. Larsen. 2004. A Tutorial on Uppaal. In In proceedings of the 4th International School on Formal Methods for the Design of Computer, Communication, and Software Systems (SFM-RT'04). Springer-Verlag, Berlin, Heidelberg.Google Scholar
- S. Sultana and F. Arif. 2017. Computational Conversion via Translation Rules for Transforming C++ Code Into UPPAALâĂŹs Automata. IEEE Access 5 (2017), 14455--14467.Google ScholarCross Ref
- Muhammad Abdul Basit ur Rahim and Fahim Arif. 2016. Translating Activity Diagram from Duration Calculus for Modeling of Real-Time Systems and its Formal Verification using UPPAAL and DiVinE, Vol. 35(1). Mehran University Research Journal of Engineering and Technolog, Berlin, Heidelberg, 139--154.Google Scholar
Recommendations
Moving Target Defense Against Injection Attacks
Algorithms and Architectures for Parallel ProcessingAbstractWith the development of network technology, web services become more convenient and popular. However, web services are also facing serious security threats, especially SQL injection attack(SQLIA). Due to the diversity of attack techniques and the ...
Comments