Blueprints from History — Series#3

Image credit: HistoryHit

The strategy followed here is fundamentally to confuse the enemy and attack them from unpredictable locations.

When they come back to compromise the webserver, we could design the system in such a manner that the webserver would have changed its IP address by then.

Fig: Switching Strategy in Moving Target Defense

The switching strategy lies in the decisions for three questions: what to move (configuration attributes such as IP address, port numbers, OS, software programs), how to move (shuffle the configuration attributes, create a replica of the system, or deploy the system in a variety of diverse environments) and when to move (decide the optimal time to switch from one state to another).
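The three decisions above, sketched as a time-windowed IP and port shuffle; this is an added example, not code from the original article, and the address pool, port range, period and key are constructed assumptions. The server and its authorized clients derive the live endpoint from a shared key and the current time window, so an address recorded during reconnaissance goes stale at the next switch.

```python
import hashlib
import hmac
import struct

# Constructed values for illustration (assumptions, not from the article).
POOL = [f"10.0.0.{i}" for i in range(10, 20)]   # what to move: IP address
PORT_RANGE = (20000, 60000)                      # what to move: port number
PERIOD = 300                                     # when to move: every 5 minutes


def endpoint(key: bytes, now: float) -> tuple[str, int]:
    """How to move: shuffle by keyed hash of the current time window."""
    window = int(now // PERIOD)
    mac = hmac.new(key, struct.pack(">Q", window), hashlib.sha256).digest()
    ip = POOL[int.from_bytes(mac[:4], "big") % len(POOL)]
    low, high = PORT_RANGE
    port = low + int.from_bytes(mac[4:8], "big") % (high - low)
    return ip, port


def accepted(key: bytes, now: float, skew: int = 1) -> set[tuple[str, int]]:
    """Endpoints the server honours: the live window plus +/- skew windows
    so that clients with slightly drifting clocks are not locked out."""
    return {endpoint(key, now + d * PERIOD) for d in range(-skew, skew + 1)}


def recon_is_stale(key: bytes, seen_at: float, now: float) -> bool:
    """True when an endpoint recorded at seen_at is no longer the live one."""
    return endpoint(key, seen_at) != endpoint(key, now)


if __name__ == "__main__":
    key = b"constructed-demo-key"  # in practice, a random secret shared with clients
    t0 = 1_700_000_000
    for step in range(4):
        t = t0 + step * PERIOD
        print(t, endpoint(key, t), "stale scan:", recon_is_stale(key, t0, t))
```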

Fig: BLUEPRINT#3: CONFUSE THE ENEMY

One must note that cloud platforms prove to be the right ground for creating applications and infrastructure with speed and agility through Infrastructure as Code mechanisms, which help them respond dynamically to changes in the environment. This approach can be exploited to bring in continuous infrastructure regeneration and application surface modification capabilities. This would not only aid in confusing the attackers but also contribute to improving the resiliency of the systems.

MTD can help in deploying other security defense mechanisms, such as Intrusion Detection and Prevention and honeypots, by complementing them as an additional layer of defense.
