139,861 research outputs found
A Cost-effective Shuffling Method against DDoS Attacks using Moving Target Defense
Moving Target Defense (MTD) has emerged as a newcomer into the asymmetric
field of attack and defense, and shuffling-based MTD has been regarded as one
of the most effective ways to mitigate DDoS attacks. However, previous work
does not acknowledge that frequent shuffles would significantly intensify the
overhead. MTD requires a quantitative measure to compare the cost and
effectiveness of available adaptations and explore the best trade-off between
them. In this paper, therefore, we propose a new cost-effective shuffling
method against DDoS attacks using MTD. By exploiting Multi-Objective Markov
Decision Processes to model the interaction between the attacker and the
defender, and designing a cost-effective shuffling algorithm, we study the best
trade-off between the effectiveness and cost of shuffling in a given shuffling
scenario. Finally, simulation and experimentation on an experimental software
defined network (SDN) indicate that our approach imposes an acceptable
shuffling overload and is effective in mitigating DDoS attacks
Moving Cooler: An Analysis of Transportation Strategies for Reducing Greenhouse Gas Emissions
Summarizes estimates of the costs and impact on greenhouse gas emissions of transportation strategies that raise fuel efficiency, lower fuel carbon content, reduce vehicle travel, and improve the transportation network and of combinations of strategies
Integrating fluctuations into distribution of resources in transportation networks
We propose a resource distribution strategy to reduce the average travel time
in a transportation network given a fixed generation rate. Suppose that there
are essential resources to avoid congestion in the network as well as some
extra resources. The strategy distributes the essential resources by the
average loads on the vertices and integrates the fluctuations of the
instantaneous loads into the distribution of the extra resources. The
fluctuations are calculated with the assumption of unlimited resources, where
the calculation is incorporated into the calculation of the average loads
without adding to the time complexity. Simulation results show that the
fluctuation-integrated strategy provides shorter average travel time than a
previous distribution strategy while keeping similar robustness. The strategy
is especially beneficial when the extra resources are scarce and the network is
heterogeneous and lowly loaded.Comment: 14 pages, 4 figure
Tailored Source Code Transformations to Synthesize Computationally Diverse Program Variants
The predictability of program execution provides attackers a rich source of
knowledge who can exploit it to spy or remotely control the program. Moving
target defense addresses this issue by constantly switching between many
diverse variants of a program, which reduces the certainty that an attacker can
have about the program execution. The effectiveness of this approach relies on
the availability of a large number of software variants that exhibit different
executions. However, current approaches rely on the natural diversity provided
by off-the-shelf components, which is very limited. In this paper, we explore
the automatic synthesis of large sets of program variants, called sosies.
Sosies provide the same expected functionality as the original program, while
exhibiting different executions. They are said to be computationally diverse.
This work addresses two objectives: comparing different transformations for
increasing the likelihood of sosie synthesis (densifying the search space for
sosies); demonstrating computation diversity in synthesized sosies. We
synthesized 30184 sosies in total, for 9 large, real-world, open source
applications. For all these programs we identified one type of program analysis
that systematically increases the density of sosies; we measured computation
diversity for sosies of 3 programs and found diversity in method calls or data
in more than 40% of sosies. This is a step towards controlled massive
unpredictability of software
- …