Posters > 2016
TCP Stream Splitting Moving Target Defense
The traditional network attack cycle spans number of steps including reconnaissance, fingerprinting, network mappi ng, exploitation, coordination, reporting, and propagation (Al Shaer, 2011). In each step, the adversary relies on the static nature of cyber infrastructures to achieve the attack target effectively (Al - Shaer, 2011). The target here can be a software infrastructure, operating system, server, network configuration, runtime environment, data or any valuable information to the attacker. Moving Target Defense (MTD) as the name suggest, moves the target continuously, making the system dynamic and robust. In this project we will be working on designing a TCP stream splitting defense mechanism. We are looking into modifying the network configuration by splitting a TCP stream into multiple TCP sub streams to break the traditional network attack cycle noted above. The objective of this project is to explore all the currently developed solutions that can be reused in developing a novel TCP stream splitting defense mechanism. We plan to define an attack model and designing a defense mechanism to secure the system from attackers in the scope of the attack model defined. Also, if time permits we plan to look at all the possibilities of implementation of the design.