5th ACM Workshop on Moving Target Defense (MTD 2018)
October 15, 2108

In conjunction with the 25th ACM Conference on Computer and Communications Security (ACM CCS 2018)
 
October 15-19, 2018, Toronto, Canada

Call for Papers

The static nature of current computing systems has made them easy to attack and hard to defend. Adversaries have an asymmetric advantage in that they have the time to study a system, identify its vulnerabilities, and choose the time and place of attack to gain the maximum benefit. The idea of moving-target defense (MTD) is to impose the same asymmetric disadvantage on attackers by making systems dynamic and therefore harder to explore and predict. With a constantly changing system and its ever-adapting attack surface, attackers will have to deal with significant uncertainty just like defenders do today. The ultimate goal of MTD is to increase the attackers' workload so as to level the cybersecurity playing field for defenders and attackers – ultimately tilting it in favor of the defender.

The workshop seeks to bring together researchers from academia, government, and industry to report on the latest research efforts on moving-target defense, and to have productive discussion and constructive debate on this topic. We solicit submissions on original research in the broad area of MTD, with possible topics such as those listed below. As MTD research is still in its infancy, the list should only be used as a reference. We welcome all contributions that fall under the broad scope of moving target defense, including research that shows negative results.

  • System randomization
  • Artificial diversity
  • Cyber maneuver and agility
  • Software diversity
  • Dynamic network configuration
  • Moving target in the cloud
  • System diversification techniques
  • Dynamic compilation techniques
  • Adaptive defenses
  • Intelligent countermeasure selection
  • MTD strategies and planning
  • Deep learning for MTD
  • MTD quantification methods and models
  • MTD evaluation and assessment frameworks
  • Large-scale MTD (using multiple techniques)
  • Moving target in software coding, application API virtualization
  • Autonomous technologies for MTD
  • Theoretic study on modeling trade-offs of using MTD approaches
  • Human, social, and usability aspects of MTD
  • Other related areas

Important Dates

Paper submission due: July 8, 2018 July 22, 2018 (FIRM)

Notification to authors: July 30, 2018 August 9, 2018

Camera ready due: August 22, 2018

Program Committee Chairs

  • Massimiliano Albanese, George Mason University, USA
  • Dijiang Huang, Arizona State University, USA

Steering Committee

  • Sushil Jajodia, Chair, George Mason University, USA
  • Dijiang Huang, Arizona State University, USA
  • Hamed Okhravi, MIT Lincoln Laboratory, USA
  • Xinming Ou, University of South Florida, USA
  • Kun Sun, George Mason University, USA

Publicity Chair

  • Sandeep Pisharody, MIT Lincoln Laboratory, USA

Technical Program Committee

  • Gail-Joon Ahn, Arizona State University & SAMSUNG Research, USA
  • Ehab Al-Shaer, University of North Caroline at Charlotte, USA
  • Alex Bardas, University of Kansas, USA
  • Hasan Cam, U.S. Army Research Laboratory, USA 
  • Valentina Casola, University of Naples, Italy
  • Ritu Chadha, Perspecta Labs, USA
  • Warren Connell, U.S. Air Force, USA
  • George Cybenko, Dartmouth College, USA
  • Alessandra De Benedictis, University of Naples, Italy
  • Robert Erbacher, Army Research Laboratory, USA
  • Michael Franz, University of California, Irvine, USA
  • Sushil Jajodia, George Mason University, USA
  • DongSeong (Dan) Kim, University of Canterbury, New Zealand 
  • Christopher Lamb, University of New Mexico, USA
  • Jason Li, Intelligent Automation Inc., USA
  • Peng Liu, Penn State University, USA
  • Zhuo Lu, University of South Florida, USA
  • Hamed Okhravi, MIT Lincoln Laboratory, USA
  • Sandeep Pisharody, MIT Lincoln Laboratory, USA
  • Shantanu Rane, Palo Alto Research Center (PARC), USA
  • Richard Skowyra, MIT Lincoln Laboratory, USA
  • Kun Sun, George Mason University, USA
  • Vipin Swarup, MITRE, USA
  • Sridhar Venkatesan, Perspecta Labs, USA
  • Cliff Wang, U.S. Army Research Office, USA
  • Michael Wellman, University of Michigan, USA
  • Minghui Zhu, Pennsylvania State University, USA

Kenote Speaker

Prof. Radha Poovendran, University of Washington

Title. Dynamic Defense against Adaptive and Persistent Adversaries

Abstract. This talk will cover two topics, namely, modeling and design of Moving Target Defense (MTD), and DIFT games for modeling Advanced Persistent Threats (APTs). We will first present a game-theoretic approach to characterizing the trade-off between resource efficiency and defense effectiveness in decoy- and randomization-based MTD. We will then address the game formulation for APTs. APTs are mounted by intelligent and resourceful adversaries who gain access to a targeted system and gather information over an extended period of time. APTs consist of multiple stages, including initial system compromise, privilege escalation, and data exfiltration, each of which involves strategic interaction between the APT and the targeted system. While this interaction can be viewed as a game, the stealthiness, adaptiveness, and unpredictability of APTs imply that the information structure of the game and the strategies of the APT are not readily available. Our approach to modeling APTs is based on the insight that the persistent nature of APTs creates information flows in the system that can be monitored. One monitoring mechanism is Dynamic Information Flow Tracking (DIFT), which taints and tracks malicious information flows through a system and inspects the flows at designated traps. Since tainting all flows in the system will incur significant memory and storage overhead, efficient tagging policies are needed to maximize the probability of detecting the APT while minimizing resource costs. In this work, we develop a multi-stage stochastic game framework for modeling the interaction between an APT and a DIFT, as well as designing an efficient DIFT-based defense. Our model is grounded on APT data gathered using the Refinable Attack Investigation (RAIN) flow-tracking framework. We present the current state of our formulation, insights that it provides on designing effective defenses against APTs, and directions for future work.

Radha PoovendranBio. Radha Poovendran is professor and chair of the Department of Electrical Engineering at the University of Washington. He is the founding director of the Network Security Lab and is a founding member and associate director of research for the UW’s Center for Excellence in Information Assurance Research and Education. He has also been a member of the advisory boards for Information Security Education and Networking Education Outreach at UW. In collaboration with NSF, he served as the chair and principal investigator for a Visioning Workshop on Smart and Connected Communities Research and Education in 2016. Poovendran’s research focuses on wireless and sensor network security, adversarial modeling, privacy and anonymity in public wireless networks and cyber-physical systems security. He co-authored a book titled Submodularity in Dynamics and Control of Networked Systems and co-edited a book titled Secure Localization and Time Synchronization in Wireless Ad Hoc and Sensor Networks. He is also an associate editor for ACM Transactions on Sensor Networks. Poovendran is a Fellow of IEEE and has received various awards including Distinguished Alumni Award, ECE Department, University of Maryland, College Park, 2016; NSA LUCITE Rising Star 1999; NSF CAREER 2001; ARO YIP 2002; ONR YIP 2004; PECASE 2005; and Kavli Fellow of the National Academy of Sciences 2007.

Program

Monday, October 15, 2018

 

07:30AM–08:45AM

Registration & Breakfast

 

08:45AM–09:00AM

Opening Remarks

Session #1

Evaluation of MTD Techniques

Session Chair: Indrajit Ray

09:00AM–09:30AM

"Quantifying the Effectiveness of Software Diversity using Near-Duplicate Detection Algorithms," Joel Coffman, Aurin Chakravarty, Joshua Russo, and Andrew Gearhart (Johns Hopkins University)

09:30AM–10:00AM

"Comprehensive Security Assessment of Combined MTD Techniques for the Cloud," Hooman Alavizadeh (Massey University), Jin B. Hong (The University of Western Australia ), Julian Jang-Jaccard (Massey University), and Dong Seong Kim (University of Canterbury)

10:00AM–10:30AM

"Analysis of Concurrent Moving Target Defenses," Warren Connell, Luan Pham, and Samuel Philip (George Mason University)

 

10:30AM–10:45AM

Coffee Break

Session #2

Novel MTD Frameworks and Techniques

Session Chair: Warren Connell

10:45AM–11:15AM

"Catch Me If You Can: Dynamic Concealment of Network Entities," Daniel Fraunholz, Daniel Krohmer, Simon Duque Anton, and Hans Dieter Schotte (German Research Center for Artificial Intelligence)

11:15AM–11:45AM

"Cloxy: A Context-aware Deception-as-a-Service Reverse Proxy for Web Services," Daniel Fraunholz, Daniel Reti, Simon Duque Anton, and Hans Dieter Schotten (German Research Center for Artificial Intelligence)

11:45AM–12:15PM

"A Security SLA-driven Moving Target Defense Framework to Secure Cloud Applications," Valentina Casola (University of Naples Federico II), Alessandra De Benedictis (University of Naples Federico II), Massimiliano Rak (University of Campania Luigi Vanvitelli ), and Umberto Villano (University of Sannio)

 

12:15PM–02:00PM

Lunch & Networking

Keynote

Session Chair: Massimiliano Albanese

02:00PM–03:00PM

Speaker: Prof. Radha Poovendran, University of Washington

"Dynamic Defense against Adaptive and Persistent Adversaries"

 

03:00PM–03:15PM

Coffee Break

Session #3

Protection of Critical Services against Advanced Threats

Session Chair: Valentina Casola

03:15PM–03:45PM

"A Secure Hash Commitment Approach for Moving Target Defense of Security-critical Services," Dieudonne Mulamba, Athith Amarnath, Bruhadeshwar Bezawada, and Indrajit Ray (Colorado State University)

03:45PM–04:15PM

"Ensuring Deception Consistency for FTP Services Hardened against Advanced Persistent Threats," Zhan Shu and Guanhua Yan (Binghamton University)

04:15PM–04:45PM

"In-design Resilient SDN Control Plane Against DDoS Attacks," Qi Duan, Ehab Al-Shaer, and Syed Fida Gillani (University of North Carolina, Charlotte)

 

04:45PM–05:00PM

Closing Remarks

Submission

Submitted papers must not substantially overlap with papers that have been published or simultaneously submitted to a journal or a conference with proceedings. Submissions should be at most 10 pages in the ACM double-column format (see https://www.acm.org/publications/proceedings-template), excluding well-marked appendices, and at most 12 pages in total.

Submissions are not required to be anonymized. Submissions are to be made to the submission web site at http://www.easychair.org. Only PDF files will be accepted. Submissions not meeting these guidelines risk rejection without consideration of their merits. Papers must be received by the deadline of July 8, 2018 July 22, 2018 to be considered. Notification of acceptance or rejection will be sent to authors by July 30, 2018 August 9, 2018. Camera ready papers must be submitted by August 22, 2018 following instructions available at http://www.scomminc.com/pp/acmsig/mtd.htm. Authors of accepted papers must guarantee that one of the authors will register and present the paper at the workshop. Proceedings of the workshop will be available on a CD to the workshop attendees and will become part of the ACM Digital Library.

Submit now!