Moving Target Reference Implementation

Transcription

1 CYBER SECURITY DIVISION 2014 R&D SHOWCASE AND TECHNICAL WORKSHOP Moving Target Reference Implementation Software Engineering Institute, Carnegie Mellon University Andrew O. Mellinger December 17, 2014

2 Copyright 2014 Carnegie Mellon University This material is based upon work funded and supported by Department of Homeland Security under Contract No. FA C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center sponsored by the United States Department of Defense. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of Department of Homeland Security or the United States Department of Defense. References herein to any specific commercial product, process, or service by trade name, trade mark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by Carnegie Mellon University or its Software Engineering Institute. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN AS-IS BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. This material has been approved for public release and unlimited distribution. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at [email protected]. DM

3 Team Profile SEI Emerging Technology Center Matt Gaston, PhD Andrew Mellinger David Shepard Stephanie Rosenthal, PhD SEI CERT Division Jose Morales, PhD Carnegie Mellon University David Garlan, PhD Bradley Schmerl, PhD Florida Institute of Technology Marco Carvalho, PhD 3

4 Customer Need Adoption + Ease of Development & Deployment The government has made substantial investments into moving target and adaptive cyber defense and needs widespread adoption of these technologies. Researchers need a secure, easy to use, and consistent development and deployment path for new techniques. 4

5 Approach Iteratively build moving target middleware for parallel deployment into different lab environments. Moving target middleware supports installation, configuration, update, system monitoring, alerts, and optimization, and provides services for configuration management, knowledge management, ensembles of moving target techniques, and more. Federation SEI DHS FIT 5

6 Approach - Agents & Self-Adaptation Blend multi-agent systems and self-adaptive systems. Multi-Agent System Self-Adaptive System Resilient Partition tolerant Localized performance Distributed load Incomplete view of data Centralized management Can hold big picture Can reason about all properties Central point of failure 6

7 Approach - Security Properly designed middleware promotes secure design in extension components. We want to make security easy. Designed-In Security Security architectures for middleware Secure design and coding practices Appropriate decomposition and privilege isolations Strong management and policy configuration 7

8 Transition Activities The transition process is part of the project. Updates early and often Deploy Reference Implementation at the SEI Deploy Reference Implementation at DHS Collaborate with FIT on federation Start with AARC and HEZDP SEI Federation DHS FIT 8

9 Benefit Measurable improvements in security posture for real networks. New technologies can be evaluated in a standard environment. Architecture that is specific to MTD promotes useful research. Facilitates experimentation, prototyping, and collaboration. Facilitates bootstrapping of commercial solutions. 9

10 Related Work MTC2 from FIT (We are already collaborating with them.) Moving Target Defense Researchers Adaptive Cyber Defense Researchers Adaptive Systems Researchers Datacenter automation solutions Cloud solutions could also be adapted 10

11 Contact Info Presenter Andrew Mellinger ETC Telephone: Web U.S. Mail Software Engineering Institute Customer Relations 4500 Fifth Avenue Pittsburgh, PA USA Customer Relations Telephone: SEI Phone: SEI Fax: