
Publication


Featured research published by Sridhar Venkatesan.


communications and networking symposium | 2016

A moving target defense approach to mitigate DDoS attacks against proxy-based architectures

Sridhar Venkatesan; Massimiliano Albanese; Kareem Amin; Sushil Jajodia; Mason Wright

Distributed Denial of Service attacks against high-profile targets have become more frequent in recent years. In response to such massive attacks, several architectures have adopted proxies to introduce layers of indirection between end users and target services and reduce the impact of a DDoS attack by migrating users to new proxies and shuffling clients across proxies so as to isolate malicious clients. However, the reactive nature of these solutions presents weaknesses that we leveraged to develop a new attack - the proxy harvesting attack - which enables malicious clients to collect information about a large number of proxies before launching a DDoS attack. We show that current solutions are vulnerable to this attack, and propose a moving target defense technique consisting in periodically and proactively replacing one or more proxies and remapping clients to proxies. Our primary goal is to disrupt the attacker's reconnaissance effort. Additionally, to mitigate ongoing attacks, we propose a new client-to-proxy assignment strategy to isolate compromised clients, thereby reducing the impact of attacks. We validate our approach both theoretically and through simulation, and show that the proposed solution can effectively limit the number of proxies an attacker can discover and isolate malicious clients.


information reuse and integration | 2014

Advancing WSN physical security adopting TPM-based architectures

Mario Barbareschi; Ermanno Battista; Antonino Mazzeo; Sridhar Venkatesan

Cyber Physical Systems typically operate unattended in hostile outdoor environments. A lot of effort has been made to protect the communication between sensing nodes and the processing infrastructure. However, with regard to physical protection of a node, assessing the integrity of its hardware/software is a challenging issue. In this paper, we propose and evaluate a node architecture which makes use of a Trusted Platform Module (TPM) to perform cryptographic operations in a trustworthy manner. TPM builds a chain of trust which enforces a trustability relationship among the node's components. In such context, the node will function only if all the hardware and software configurations have been verified by means of cryptographic operations. Moreover, using tamper-resistant hardware we will ensure that the cryptographic keys do not leave a secure perimeter.


information reuse and integration | 2014

A hardware accelerator for data classification within the sensing infrastructure

Mario Barbareschi; Ermanno Battista; Nicola Mazzocca; Sridhar Venkatesan

Cyber Physical Systems are typically deployed using simple sensing nodes and communicate with a complex elaboration and management infrastructure through the internet. The new trend in the design of such systems is to implement a significant part of the data elaboration within the sensing infrastructure. Due to the scarce computing capabilities of the nodes and tight performance constraints, it is necessary to equip the nodes with special-purpose hardware accelerators. In particular, we discuss a Decision Support System implementation in which special nodes are able to autonomously perform the data classification task. In this paper, we present a node architecture equipped with a special-purpose co-processor to perform data classification through a decision tree visiting algorithm, and we discuss its suitability for the WSN domain.


australasian conference on information security and privacy | 2012

An efficient IND-CCA2 secure variant of the Niederreiter encryption scheme in the standard model

K. Preetha Mathew; Sachin Vasant; Sridhar Venkatesan; C. Pandu Rangan

In this paper, we propose an IND-CCA2 secure code-based encryption scheme in the standard model, built on the Niederreiter encryption scheme. The security of the scheme is based on the hardness of the Syndrome Decoding problem and the Goppa Code Distinguishability problem. The system is developed according to a construction similar to the IND-CCA2 secure encryption scheme by Peikert and Waters using lossy trapdoor functions. Compared to the existing IND-CCA2 secure variants due to Dowsley et al. and Freeman et al. (using the κ repetition paradigm initiated by Rosen and Segev), our scheme is more efficient as it avoids κ repetitions. This can be considered as the first practical code-based encryption scheme that is IND-CCA2 secure in the standard model.


Proceedings of the 2016 ACM Workshop on Moving Target Defense | 2016

A Moving Target Defense Approach to Disrupting Stealthy Botnets

Sridhar Venkatesan; Massimiliano Albanese; George Cybenko; Sushil Jajodia

Botnets are increasingly being used for exfiltrating sensitive data from mission-critical systems. Research has shown that botnets have become extremely sophisticated and can operate in stealth mode by minimizing their host and network footprint. In order to defeat exfiltration by modern botnets, we propose a moving target defense approach for dynamically deploying detectors across a network. Specifically, we propose several strategies based on centrality measures to periodically change the placement of detectors. Our objective is to increase the attacker's effort and likelihood of detection by creating uncertainty about the location of detectors and forcing botmasters to perform additional actions in an attempt to create detector-free paths through the network. We present metrics to evaluate the proposed strategies and an algorithm to compute a lower bound on the detection probability. We validate our approach through simulations, and results confirm that the proposed solution effectively reduces the likelihood of successful exfiltration campaigns.


Proceedings of the 2017 Workshop on Moving Target Defense | 2017

Detecting Stealthy Botnets in a Resource-Constrained Environment using Reinforcement Learning

Sridhar Venkatesan; Massimiliano Albanese; Ankit Shah; Rajesh Ganesan; Sushil Jajodia

Modern botnets can persist in networked systems for extended periods of time by operating in a stealthy manner. Despite the progress made in the area of botnet prevention, detection, and mitigation, stealthy botnets continue to pose a significant risk to enterprises. Furthermore, existing enterprise-scale solutions require significant resources to operate effectively, thus they are not practical. In order to address this important problem in a resource-constrained environment, we propose a reinforcement learning based approach to optimally and dynamically deploy a limited number of defensive mechanisms, namely honeypots and network-based detectors, within the target network. The ultimate goal of the proposed approach is to reduce the lifetime of stealthy botnets by maximizing the number of bots identified and taken down through a sequential decision-making process. We provide a proof-of-concept of the proposed approach, and study its performance in a simulated environment. The results show that the proposed approach is promising in protecting against stealthy botnets.


communications and networking symposium | 2015

Disrupting stealthy botnets through strategic placement of detectors

Sridhar Venkatesan; Massimiliano Albanese; Sushil Jajodia

In recent years, botnets have gained significant attention due to their extensive use in various kinds of criminal or otherwise unauthorized activities. Botnets have become increasingly sophisticated, and studies have shown that they can significantly reduce their footprint and increase their dwell time. Therefore, modern botnets can operate in stealth mode and evade detection for extended periods of time. In order to address this problem, we propose a proactive approach to strategically deploy detectors on selected network nodes, so as to either completely disrupt communication between bots and command and control nodes, or at least force the attacker to create more bots, therefore increasing the footprint of the botnet and the likelihood of detection. As the detector placement problem is intractable, we propose heuristics based on several centrality measures. Simulation results confirm that our approach can effectively increase complexity for the attacker.


information security | 2017

A Framework for Moving Target Defense Quantification

Warren Connell; Massimiliano Albanese; Sridhar Venkatesan

Moving Target Defense (MTD) has emerged as a game changer in the security landscape, as it can create asymmetric uncertainty favoring the defender. Despite the significant work done in this area and the many different techniques that have been proposed, MTD has not yet gained widespread adoption due to several limitations. Specifically, interactions between multiple techniques have not been studied yet and a unified framework for quantifying and comparing very diverse techniques is still lacking. To overcome these limitations, we propose a framework to model how different MTD techniques can affect the information an attacker needs to exploit a system’s vulnerabilities, so as to introduce uncertainty and reduce the likelihood of successful attacks. We illustrate how this framework can be used to compare two sets of MTDs, and to select an optimal set of MTDs that maximize security within a given budget. Experimental results show that our approach is effective.


Proceedings of the 2016 ACM Workshop on Moving Target Defense | 2016

Moving Target Defense against DDoS Attacks: An Empirical Game-Theoretic Analysis

Mason Wright; Sridhar Venkatesan; Massimiliano Albanese; Michael P. Wellman

Distributed denial-of-service attacks are an increasing problem facing web applications, for which many defense techniques have been proposed, including several moving-target strategies. These strategies typically work by relocating targeted services over time, increasing uncertainty for the attacker, while trying not to disrupt legitimate users or incur excessive costs. Prior work has not shown, however, whether and how a rational defender would choose a moving-target method against an adaptive attacker, and under what conditions. We formulate a denial-of-service scenario as a two-player game, and solve a restricted-strategy version of the game using the methods of empirical game-theoretic analysis. Using agent-based simulation, we evaluate the performance of strategies from prior literature under a variety of attacks and environmental conditions. We find evidence for the strategic stability of various proposed strategies, such as proactive server movement, delayed attack timing, and suspected insider blocking, along with guidelines for when each is likely to be most effective.


ieee symposium on security and privacy | 2018

Defending from Stealthy Botnets Using Moving Target Defenses

Massimiliano Albanese; Sushil Jajodia; Sridhar Venkatesan

In today’s IT landscape, organizations are increasingly exposed to an array of novel and sophisticated threats—including advanced persistent threats (APTs) and distributed denial-of-service (DDoS) attacks—which can bypass traditional defenses and persist in target systems indefinitely. Threat actors often rely on networks of compromised and remotely controlled hosts, known as botnets, to execute a number of different cyberattacks and engage in criminal or unauthorized activities. Protecting sensitive and mission-critical data from competitors, state actors, and organized crime has become increasingly critical for the well-being of many organizations. A promising approach to botnet detection and mitigation relies on moving target defense (MTD), a novel and game-changing approach to cyber defense. MTD creates asymmetric uncertainty, providing the defender with a tactical advantage over the attacker. MTD techniques are designed to continuously change or shift a system’s attack surface, thus increasing cost and complexity for the threat actors. We show how the botnet detection and mitigation problem can be decomposed into three related and relatively simpler challenges, and how these challenges can be effectively tackled by adopting an MTD approach, ultimately limiting the ability of a botnet to persist within a target system.

Collaboration


Dive into Sridhar Venkatesan's collaborations.

Top Co-Authors

C. Pandu Rangan

Indian Institute of Technology Madras

Sachin Vasant

PSG College of Technology

Ermanno Battista

University of Naples Federico II

Mario Barbareschi

University of Naples Federico II

Ankit Shah

George Mason University

Kareem Amin

University of Pennsylvania
