國立高雄大學圖資館 |

Language: English

Back

Evolutionary strategies for secure m...

Smith, Robert Walter.

Evolutionary strategies for secure moving target configuration discovery.

Record Type:	Electronic resources : Monograph/item
Title/Author:	Evolutionary strategies for secure moving target configuration discovery.
Author:	Smith, Robert Walter.
Description:	143 p.
Notes:	Source: Masters Abstracts International, Volume: 53-04.
Notes:	Advisers: David J. John; William H. Turkett.
Contained By:	Masters Abstracts International53-04(E).
Subject:	Computer science.
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=1561798
ISBN:	9781321075410

Evolutionary strategies for secure moving target configuration discovery.
Smith, Robert Walter.

Evolutionary strategies for secure moving target configuration discovery. - 143 p.

Source: Masters Abstracts International, Volume: 53-04.

Thesis (M.S.)--Wake Forest University, 2014.

This item is not available from ProQuest Dissertations & Theses.

Defense against many cyber security threats can be implemented with existing software on the machine, without requiring patches for current programs or the installation of specialized security software. There are certain operating system or program parameters which, if set properly, can close security vulnerabilities. Learning a way to securely configure computers to prevent attacks potentially allows organizations to defend their machines with a relatively low cost.

ISBN: 9781321075410Subjects--Topical Terms:

199325
Computer science.

Evolutionary strategies for secure moving target configuration discovery.
LDR:05270nmm a2200361 4500 001 457617
005 20150805065207.5
008 150916s2014 ||||||||||||||||| ||eng d
020 $a 9781321075410
035 $a (MiAaPQ)AAI1561798
035 $a AAI1561798
040 $a MiAaPQ $c MiAaPQ
100 1 $a Smith, Robert Walter. $3 708571
245 1 0 $a Evolutionary strategies for secure moving target configuration discovery.
300 $a 143 p.
500 $a Source: Masters Abstracts International, Volume: 53-04.
500 $a Advisers: David J. John; William H. Turkett.
502 $a Thesis (M.S.)--Wake Forest University, 2014.
506 $a This item is not available from ProQuest Dissertations & Theses.
506 $a This item must not be sold to any third party vendors.
520 $a Defense against many cyber security threats can be implemented with existing software on the machine, without requiring patches for current programs or the installation of specialized security software. There are certain operating system or program parameters which, if set properly, can close security vulnerabilities. Learning a way to securely configure computers to prevent attacks potentially allows organizations to defend their machines with a relatively low cost.
520 $a In this thesis, a genetic algorithm achieving both the goals stated above was developed. The genetic algorithm has been shown to evolve more secure computer configurations which when used with an automated reconfiguration system immunize the machines to attacks. This population of configurations is diverse and changes with every generation, creating a moving target defense as a consequence of its operation, using no additional resources. The system was demonstrated to work using only $4 0 $ generations, a much smaller number of generations than is normal for use with genetic algorithms but is reasonable given the time constraints of this problem. Evolutionary strategies other than genetic algorithms have also been considered. Beam search is a greedy algorithm, accepting only the highest scoring configurations of the current generation into the next. In this thesis, a beam search based system prototype was developed. It was also more successful than the genetic algorithm in increasing average configuration fitness, while still maintaining a high amount of diversity.
520 $a This thesis also introduces the novel approach of using the artificial intelligence strategies support vector machines and classification and regression trees to supervise the evolutionary strategy. In the naive implementation, this was done by recording the changes in computers' observed security and correlating this information to changes between parents and children over many generations. This allowed for the classification of some settings as insecure. These insecure settings were forcibly removed from the population and the genetic algorithm modified so that they could not be reintroduced.
520 $a In this thesis, an implementation of this artificial intelligence based idea was added to both the genetic algorithm and beam search based systems. In both cases, it resulted in significant increases in the amount of total fitness gain, with very little impact on diversity. A more complex implementation of this idea addressed the fact that, in the real world, only a small number of possible exploits will be used in any generation. This problem would normally prevent accurate fitness evaluation, as, in each generation, chromosomes are only graded based on the subset of attacks used against them. This separate classification scheme compared chromosomes within a single generation, searching for commonalities which would explain which traits the exploit required to succeed.
520 $a A more complex classification scheme can achieve results in only a single generation. Instead of measuring at score changes over many generations, it compares attacked and uncompromised computers in the same generation. Commonalities within these groups will allow for the classification of traits responsible for opening the exploited vulnerability.
520 $a Once such traits were identified, they were used to create a profile describing what sort of chromosome is vulnerable to that exploit. Chromosomes matching that profile were no longer allowed into the population. This approach has the added benefit of aiding in the understanding of why the system created certain kinds of configurations and not others, providing clues to help understand the exploit used against the managed computers.
520 $a A prototype system making use of these strategies was developed. Experimentation has shown that, for small numbers of attacks per generation, it was often successful in creating a new generation of chromosomes which is immune to the attacks from the previous generation. These results demonstrated that this technique has merit for improving computer security and providing greater understanding of the cyber security landscape. (Abstract shortened by UMI.).
590 $a School code: 0248.
650 4 $a Computer science. $3 199325
690 $a 0984
710 2 $a Wake Forest University. $b Computer Science. $3 708572
773 0 $t Masters Abstracts International $g 53-04(E).
790 $a 0248
791 $a M.S.
792 $a 2014
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=1561798