Project Description ​

Cyber resilience is the key capability for ensuring  the cyber integrity even with adversary's partial or complete success. As adversaries progress toward their goals using multiple stages called attack-chain, the objective of resilient cyber defense  is to reset the attacker progress in the kill-chain through applying multiple resiliency strategies simultaneously.   
 
In this project, we will investigate scientific foundation for creating, combining and orchestrating various cyber resilience strategies to deter, deceive and disrupt attackers in the system. This includes developing proactive resiliency  techniques using cyber resistance based on adaptive isolation, diversity and moving target defense. Our approach involves developing metrics for measuring and orchestrating proactive resiliency techniques. Our implementation uses software defined networking, particularly OpenDayLight controller. to demonstrate the effectiveness of our approach.

Research Activities & Findings

As one case study, we developed MoveNet system for active cyber defense that enables migrating virtual networks at real-time to deter or deceive reconnaissance or DDoS attacks. MovNet allows for splitting, migrating and merging virtual networks to enable a fully agile and active cyber defense. This work was published in INFOCOM 2015:

       Fida Gilani, Ehab Al-Shaer, Samantha Lo, Qi Duan, Mostafa Ammar and Ellen W.     
       Zegura, Agile Virtualized Infrastructure to Proactively Defend Against Cyber 
       Attacks, IEEE INFOCOM 2015, April 2015