ChameleonSoft: Software Behavior Encryption for Moving Target Defense

Abstract

Ubiquitous cyber systems and their supporting infrastructure impact productivity and quality of life immensely. Their penetration in our daily life increases the need for their enhanced resilience and for means to secure and protect them. One major threat is the contemporary software monoculture. Recent research illustrated the vulnerability of the software monoculture and proposed diversity to reduce the attack surface. In this paper, we propose a biologically-inspired defense system, ChameleonSoft, that employs multidimensional software diversity to, in effect, induce spatiotemporal "software behavior encryption" for moving target defense. The key principles of ChameleonSoft are decoupling functional roles from runtime role players; devising intrinsically-resilient composable online-programmable building blocks; separating logic, state and physical resources; and employing functionally-equivalent, behaviorally-different code variants. ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. Nodes employing ChameleonSoft autonomously and cooperatively change their recovery and encryption policies both proactively and reactively according to the continual changes in context and environment. Using analysis and simulation, our results show that chameleonsoft can encrypt the execution behavior by confusion and diffusion induction at a reasonable overhead.