Multiple Operating system Rotation Environment Moving Target Defense

Organization: Argonne National Laboratory
Year: 2017

Multiple Operating system Rotation Environment Moving Target Defense (MORE MTD) prevents cyber attackers from having sufficient time to identify and exploit zero-day vulnerabilities in computing systems by creating an environment in which operating systems change. This changing environment increases an attacker’s level of uncertainty and raises the cost and effort needed to launch an attack. MORE MTD also makes systems more resilient to the potential consequences of vulnerabilities, not only in exploitation but also in system administration, patch development, testing and patch deployment. MORE MTD delivers application uptime during patch cycles, without the usual outage or exposure window to a known vulnerability. This technology is well suited to high-priority websites, especially those with fairly static content under heavy threat or scrutiny. Zero-day vulnerabilities are one of the most difficult problems security professionals face as there is no real defense against them. MORE MTD fills this gap. It proceeds from the assumption that zero days will be found in existing systems; however, its proactive nature makes it more difficult for attackers to exploit such vulnerabilities and lowers the consequences of any such exploitation.