Design, Implementation and Evaluation of a Moving Target Defense in Distributed Systems

Typ
Examensarbete för masterexamen
Master's Thesis
Program
Computer systems and networks (MPCSN), MSc
Publicerad
2022
Författare
Tibom, Philip
Buck, Max
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
Cloud computing has recently become increasingly popular for server hosting. Additionally, a new model of cloud computing has emerged where cloud resources are placed at the edge of the network closer to the user. Both cloud and edge systems share many common security concerns, however, edge systems may suffer an increased risk of physical tampering and destruction. One way to harden the security in both cloud and edge systems is to use a technique called Moving Target Defense. The technique can be likened to the idea of frequency hopping in secure communication systems. Moving Target Defense is not yet widely adopted by industry and the current research in the area is very limited. Additionally, to our knowledge, there are no open-source implementations that can be easily replicated. The Moving Target Defense proposed in this thesis is an open-source implementation and can move a critical application between virtual and physical nodes in order to avoid and confuse adversaries. In addition to the implementation, we performed security, availability, and performance tests on the system. The results show that our system is able to successfully thwart some types of attacks while not significantly impacting availability and performance.
Beskrivning
Ämne/nyckelord
moving target defense, distributed systems, kubernetes, cluster, cloud
Citation
Arkitekt (konstruktör)
Geografisk plats
Byggnad (typ)
Byggår
Modelltyp
Skala
Teknik / material