Implementation of network moving target defense in embedded systems

dc.contributor.advisor Doug W. Jacobson Finstad, Robert
dc.contributor.department Electrical and Computer Engineering 2021-01-16T18:20:31.000 2021-02-25T21:38:13Z 2021-02-25T21:38:13Z Tue Dec 01 00:00:00 UTC 2020 2020-11-24 2020-01-01
dc.description.abstract Moving target defense provides opportunities for adaptive defense in embedded systems. A great deal of work has been done on incorporating moving target defense techniques into enterprise systems to increase the cost to attackers and level the playing field. A smaller body of work focuses on implementing these techniques in embedded systems, which can greatly benefit from adaptive self-defense techniques. This work implements a network shuffling proof of concept in the Zephyr real-time operating system to tackle the challenge of incorporating shuffling techniques into embedded systems. A host-centric, high-security implementation is provided which maximizes attacker uncertainty and minimizes the impact of host compromise. Identifiers are utilized at the datalink, network, and transport layers and rotated per connection using keys shared between host pairs. Existing shuffling schemes are explored, including those targeted to IoT contexts. Existing limitations in protecting embedded systems are considered along with the presented by moving target defense. The design details and implementation of incorporating a moving target defense module into the Zephyr networking stack are provided. The protection provided by the scheme is evaluated and it is compared to existing address shuffling schemes. Future work in better handling data forwarding and collisions in the proof of concept scheme is considered. Options for adapting and building on the scheme to meet the needs of system designers are explored. This work provides system designers with insights into implementing address shuffling in embedded systems.
dc.format.mimetype application/pdf
dc.identifier archive/
dc.identifier.articleid 9316
dc.identifier.contextkey 21104731
dc.identifier.s3bucket isulib-bepress-aws-west
dc.identifier.submissionpath etd/18309
dc.language.iso en
dc.source.bitstream archive/|||Fri Jan 14 21:40:11 UTC 2022
dc.subject.keywords Cybersecurity
dc.subject.keywords Embedded Systems
dc.subject.keywords Moving Target Defense
dc.subject.keywords Network Shuffling
dc.subject.keywords Zephyr
dc.title Implementation of network moving target defense in embedded systems
dc.type article
dc.type.genre dissertation
dspace.entity.type Publication
relation.isOrgUnitOfPublication a75a044c-d11e-44cd-af4f-dab1d83339ff Cyber Security dissertation Master of Science
Original bundle
517.37 KB
Adobe Portable Document Format