Design, Implementation and Evaluation of a Moving Target Defense in Distributed Systems
Type
Master's Thesis
Program
Computer systems and networks (MPCSN), MSc
Published
2022
Authors
Tibom, Philip
Buck, Max
Abstract
Cloud computing has recently become increasingly popular for server hosting. Additionally, a new model of cloud computing has emerged where cloud resources are placed at the edge of the network, closer to the user. Both cloud and edge systems share many common security concerns; however, edge systems may suffer an increased risk of physical tampering and destruction. One way to harden the security in both cloud and edge systems is to use a technique called Moving Target Defense. The technique can be likened to the idea of frequency hopping in secure communication systems. Moving Target Defense is not yet widely adopted by industry and the current research in the area is very limited. Additionally, to our knowledge, there are no open-source implementations that can be easily replicated. The Moving Target Defense proposed in this thesis is an open-source implementation and can move a critical application between virtual and physical nodes in order to avoid and confuse adversaries. In addition to the implementation, we performed security, availability, and performance tests on the system. The results show that our system is able to successfully thwart some types of attacks while not significantly impacting availability and performance.
Subject/keywords
moving target defense, distributed systems, kubernetes, cluster, cloud