A Preventative Moving Target Defense Solution for Web Servers Using Iptables

Cimone Wright-Hamor, Steffanie Bisinger, Jeffrey Neel, Benjamin Blakely, Nathaniel Evans

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Web servers are targets for cyberattacks because they contain valuable information, which could facilitate interactions with another system or damage an organization’s reputation. In the last two decades, Moving Target Defense (MTD) research has gained attention as a cyber resilient technique to mitigate cyber threats. However, most MTD work focuses on the network layer, and there is not much work to support the service layer. This research is an experimental evaluation of Dynamic Application Rotational Environment (DARE) and Dare IMproved (DIM). DIM is an enhanced version of DARE that leverages a host-based firewall to rotate between web servers located on the same host. The main contribution of this work is furthering the understanding of implementing a centralized host-based MTD architecture for web servers. Results show that DIM can maintain availability while thwarting attacks, whereas DARE limits the availability of the web server.

Original languageEnglish
Title of host publicationProceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media - Cyber Science 2022
EditorsCyril Onwubiko, Pierangelo Rosati, Aunshul Rege, Arnau Erola, Xavier Bellekens, Hanan Hindy, Martin Gilje Jaatun
PublisherSpringer Science and Business Media B.V.
Pages191-205
Number of pages15
ISBN (Print)9789811964138
DOIs
StatePublished - 2023
Externally publishedYes
EventInternational Conference on Cybersecurity, Situational Awareness, and Social Media, Cyber Science 2022 - Cardiff, United Kingdom
Duration: Jun 20 2022Jun 21 2022

Publication series

NameSpringer Proceedings in Complexity
ISSN (Print)2213-8684
ISSN (Electronic)2213-8692

Conference

ConferenceInternational Conference on Cybersecurity, Situational Awareness, and Social Media, Cyber Science 2022
Country/TerritoryUnited Kingdom
CityCardiff
Period06/20/2206/21/22

Fingerprint

Dive into the research topics of 'A Preventative Moving Target Defense Solution for Web Servers Using Iptables'. Together they form a unique fingerprint.

Cite this