Creating a Cyber Moving Target for Critical Infrastructure Applications - Critical Infrastructure Protection V
Conference Papers Year : 2011

Creating a Cyber Moving Target for Critical Infrastructure Applications

Abstract

Despite the significant amount of effort that often goes into securing critical infrastructure assets, many systems remain vulnerable to advanced, targeted cyber attacks. This paper describes the design and implementation of the Trusted Dynamic Logical Heterogeneity System (TALENT), a framework for live-migrating critical infrastructure applications across heterogeneous platforms. TALENT permits a running critical application to change its hardware platform and operating system, thus providing cyber survivability through platform diversity. TALENT uses containers (operating-system-level virtualization) and a portable checkpoint compiler to create a virtual execution environment and to migrate a running application across different platforms while preserving the state of the application (execution state, open files and network connections). TALENT is designed to support general applications written in the C programming language. By changing the platform on-the-fly, TALENT creates a cyber moving target and significantly raises the bar for a successful attack against a critical application. Experiments demonstrate that a complete migration can be completed within about one second.
Fichier principal
Vignette du fichier
978-3-642-24864-1_8_Chapter.pdf (813.21 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01571780 , version 1 (03-08-2017)

Licence

Identifiers

Cite

Hamed Okhravi, Adam Comella, Eric Robinson, Stephen Yannalfo, Peter Michaleas, et al.. Creating a Cyber Moving Target for Critical Infrastructure Applications. 5th International Conference Critical Infrastructure Protection (ICCIP), Mar 2011, Hanover, NH, United States. pp.107-123, ⟨10.1007/978-3-642-24864-1_8⟩. ⟨hal-01571780⟩
107 View
86 Download

Altmetric

Share

More