Moving target defence (MTD) is the concept of making changes across multiple systems or servers to confuse the attacker and reduce their window of opportunity to proceed with the cyberattack they began. This makes it hard for the attacker to probe the system and to carry the attack through.
How is the MTD used in air defence?
Ethical hacking is a complex process with its own merits and demerits. Recent research has shown that, since cybersecurity professionals are used to shuffling network addresses, there is a high chance that they can control military jets, airliners, and spacecraft. On the other hand, the research also points out that, even when this is used as a defence mechanism, the increasingly sophisticated algorithms used to break MTD must be countered.
To understand this better, it is essential to know what MIL-STD-1553 is. It is a military standard for the onboard computer network used in spacecraft, weapons systems, and aircraft. The protocol allows communication between critical systems such as radar and flight control. Securing these networks from cyber-attacks is a matter of national security. If a hacker gained access to a MIL-STD-1553 network, the pilot could lose control of the aircraft, with devastating consequences.
This is the turning point, where the question of how to protect these critical systems was raised. Cybersecurity scientists, Chris Jenkins and Sandia, partnered with Purdue University to research this and find a way to stop attacks from infiltrating these critical networks and causing significant damage. The results were found to be a good solution to the issue and were published as a research dissertation in a scientific journal called IEEE Transactions. They say this cybersecurity technique, already known to ethical hackers, can help protect MIL-STD-1553 effectively.
How does the MTD work in this scenario?
The research showed that MTD was adequate, but counter-algorithms should increasingly be designed to ensure that attacks do not occur. One of the cybersecurity scientists, Eric Vugrin, explains that there are only two factors when it comes to cybersecurity. The first is to keep the attacker far away; he describes this as ‘more like building a wall’ to prevent the attacker from gaining access in the first place. The second is to rely on detection. If both fail, MTD serves as a strategic approach to confuse the attacker and make it hard for them to cause any damage.
MTD can be helpful if the network address is constantly changing based on the device’s IP address. The critical point of this strategy is to randomize the changes of network address so that it is as hard as possible for the attacker to infiltrate. The catch is that a sufficiently large number of network addresses is required for the randomness to work effectively. Without it, the changes would not be very random, and the point of MTD would be lost.
Vugrin explains that the attackers used machine learning to attack. Still, they used machine learning along with the MTD cybersecurity tactic, making it easy to figure out the probable target zone and nullify it with the help of MTD. This whole process came with a lot of loopholes and backfires. With the collaboration between cybersecurity engineers and machine learning concepts, the results were great, and they were also able to triangulate the following three sets of networks that the attackers had planned to attack.
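The two points above, that address hopping needs a large pool and real randomness, and that a learning observer will exploit any pattern, can be checked with a small simulation. This is an added example, not code from the research described here: the pool sizes, the two hopping schedules and the simple "which address followed which" observer are constructed assumptions standing in for the machine-learning models the article mentions.

```python
import random
import secrets
from collections import Counter, defaultdict

def fixed_cycle_schedule(pool_size, epochs, seed=1):
    """Weak hopping: one shuffled order of the pool, replayed forever."""
    order = list(range(pool_size))
    random.Random(seed).shuffle(order)  # shuffled once, never again
    return [order[i % pool_size] for i in range(epochs)]

def fresh_random_schedule(pool_size, epochs):
    """Stronger hopping: each epoch draws a new address from a CSPRNG."""
    return [secrets.randbelow(pool_size) for _ in range(epochs)]

def predictor_hit_rate(schedule, warmup):
    """Share of epochs after `warmup` where an observer that only remembers
    which address followed which correctly predicts the next address."""
    successors = defaultdict(Counter)
    hits = trials = 0
    for i in range(1, len(schedule)):
        prev, cur = schedule[i - 1], schedule[i]
        if i >= warmup:
            seen = successors[prev]
            guess = seen.most_common(1)[0][0] if seen else 0
            hits += guess == cur
            trials += 1
        successors[prev][cur] += 1  # learn only after guessing
    return hits / trials

def compare(pool_size, epochs=20000):
    """Predictability of both schedules for one pool size."""
    warmup = 2 * pool_size  # let the observer watch two full cycles first
    return {
        "fixed_cycle": predictor_hit_rate(
            fixed_cycle_schedule(pool_size, epochs), warmup),
        "fresh_random": predictor_hit_rate(
            fresh_random_schedule(pool_size, epochs), warmup),
    }

if __name__ == "__main__":
    for size in (4, 256):  # constructed pool sizes, not values from the research
        print(size, compare(size))
```

The replayed shuffle is predicted every time whatever the pool size, while fresh draws leave the observer at roughly one hit in `pool_size`, which is still one in four when only four addresses are available.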
Conclusion
From this we understand that cybersecurity plays a vital role in areas that could not have been imagined before. Researchers keep investigating and piecing concepts together in an effort to make cybersecurity a boon for various fields and domains.