![Page 1: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/1.jpg)
Survey of Cyber Moving Targets Second EditionAuthors: B.C. Ward S.R. Gomez R.W. Skowyra D. Bigelow J.N. Martin J.W. Landry H. Okhravi
Presenter: Jinghui Liao
![Page 2: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/2.jpg)
Outline
´ Cyber Kill Chain
´ Attack technique
´ Moving-targets technique
´ Weakness
![Page 3: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/3.jpg)
Cyber Kill Chain
´ Reconnaissance
´ Access
´ Exploit Development
´ Attack Launch
´ Persistence
![Page 4: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/4.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 5: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/5.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 6: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/6.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Leakage of cryptographic keys from memory(WannaCry)
´ Side-channel attacks(spectre meltdown)
![Page 7: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/7.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 8: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/8.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks
´ Resource Attacks´ Exhaust or manipulate shared resources
´ Denial-of-service using CPU saturation
![Page 9: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/9.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 10: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/10.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 11: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/11.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks
´ Resource Attacks
´ Injection´ Code Injection
´ buffer overflow
´ script injection
´ SQL injection
![Page 12: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/12.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 13: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/13.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks
´ Resource Attacks
´ Injection´ Code Injection
´ Control Injection´ Timing
´ Ordering
´ Arguments
´ Return-oriented programming (ROP)
![Page 14: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/14.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 15: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/15.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks
´ Resource Attacks
´ Injection´ Code Injection
´ Control Injection
´ Spoofing´ Fake identity
´ Man-in-the-middle
´ Phishing
![Page 16: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/16.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 17: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/17.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks
´ Resource Attacks
´ Injection´ Code Injection
´ Control Injection
´ Spoofing
´ Exploitation of Authentication´ Compromise authentication process
´ Cross-site scripting
![Page 18: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/18.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 19: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/19.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 20: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/20.jpg)
ATTACK TECHNIQUES
´ Data Leakage Attacks´ Resource Attacks´ Injection
´ Code Injection
´ Control Injection
´ Spoofing´ Exploitation of Authentication´ Exploitation of Privilege/Trust´ Scanning´ Supply Chain/Physical Attacks
![Page 21: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/21.jpg)
https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
![Page 22: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/22.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software
´ Dynamic Runtime Environment
´ Address Space Randomization
´ Instruction Set Randomization
´ Dynamic Platforms
´ Dynamic Networks
![Page 23: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/23.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software
´ Dynamic Runtime Environment
´ Address Space Randomization
´ Instruction Set Randomization
´ Dynamic Platforms
´ Dynamic Networks
![Page 24: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/24.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Format
´ Syntax
´ Encoding
´ Encryption
´ Representation
![Page 25: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/25.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software
´ Dynamic Runtime Environment
´ Address Space Randomization
´ Instruction Set Randomization
´ Dynamic Platforms
´ Dynamic Networks
![Page 26: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/26.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software´ Instructions
´ Order
´ Grouping
´ Format
![Page 27: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/27.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software
´ Dynamic Runtime Environment
´ Address Space Randomization
´ Instruction Set Randomization
´ Dynamic Platforms
´ Dynamic Networks
![Page 28: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/28.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software
´ Dynamic Runtime Environment
´ Address Space Randomization
´ Instruction Set Randomization
´ Dynamic Platforms
´ Dynamic Networks
![Page 29: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/29.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software
´ Dynamic Runtime Environment´ Address Space Randomization
´ Code
´ Libraries
´ Stack/heap
´ Functions
![Page 30: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/30.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software
´ Dynamic Runtime Environment
´ Address Space Randomization
´ Instruction Set Randomization
´ Dynamic Platforms
´ Dynamic Networks
![Page 31: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/31.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software
´ Dynamic Runtime Environment
´ Address Space Randomization
´ Instruction Set Randomization
´ Interface presented by the operating system
![Page 32: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/32.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software
´ Dynamic Runtime Environment
´ Address Space Randomization
´ Instruction Set Randomization
´ Dynamic Platforms
´ Dynamic Networks
![Page 33: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/33.jpg)
Moving-Targets
´ Dynamic Runtime Environment´ Address Space Randomization
´ Instruction Set Randomization
´ Dynamic Platforms´ OS version
´ CPU architecture
´ OS instance
´ Platform data format
![Page 34: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/34.jpg)
Moving-Targets
´ Any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system less homogeneous, static, or deterministic
´ Dynamic Data
´ Dynamic Software
´ Dynamic Runtime Environment
´ Address Space Randomization
´ Instruction Set Randomization
´ Dynamic Platforms
´ Dynamic Networks
![Page 35: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/35.jpg)
Moving-Targets
´ Dynamic Runtime Environment
´ Address Space Randomization
´ Instruction Set Randomization
´ Dynamic Platforms
´ Dynamic Networks
´ Protocols
´ Addresses
![Page 36: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/36.jpg)
WEAKNESSES
´ Overcome Movement
´ Predict Movement
´ Limit Movement
´ Disable Movement
![Page 37: Survey of Cyber Moving Targets Second Editionwebpages.eng.wayne.edu/~fy8421/18fa-csc6991/slides/... · ´Cyber Kill Chain ´Attack technique ´Moving-targets technique ´Weakness](https://reader034.vdocuments.mx/reader034/viewer/2022042917/5f5966dd032fb5308c4158fb/html5/thumbnails/37.jpg)
Thank you!