**11. Current research**

Historically, attackers have also had the advantage that the majority of home PC owners and many businesses have been lax in applying fixes and upgrading their platform software. Thus attackers can have years to find and exploit vulnerable machines. Buffer overflow and other code injection attacks often depend on the static layout of the code and data in memory for their effectiveness.

Historically, network risks were mitigated by building a fortress around systems. This approach led to network architectures with components with names like DMZ (Demilitarized Zone), a boundary location that has both public and private addresses so that "bastion hosts" could be hardened to live in the DMZ while normal systems would be deployed behind the "firewall". This provides a static environment that allows an attacker almost unlimited time to search for a vulnerability in the attack surface. The advent of APT attackers that patiently probe for years against a target of particular interest makes these fortress designs vulnerable. Just as WEP-based wireless networking was vulnerable to attack because it used static encryption keys, static networks that can be mapped over time are more vulnerable than more dynamic designs.

In order to defeat these threats in a slowly evolving infrastructure, some new products and research results demonstrate that significant gains in security can be achieved by adding random dynamic behavior to systems. Starting with Windows Vista and improved in Windows 7 and Server 2008 SP1, the operating system loads parts of itself into different random locations every time it boots, a technique known as address space layout randomization, or ASLR (Microsoft, 2011). Microsoft does not claim that this eliminates the threat of attacks; it just makes them significantly more difficult.

Vendors have begun to sell network appliances that randomize the footprint of the network by using Network Address Translation (NAT) technology and randomizing outbound connections over a set of IP addresses, as well as other dynamic behavior (Masking Networks, 2011).
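The effect of this kind of address randomization on an attacker's reconnaissance can be shown with a toy model. The following Python simulation is an added example, not code from the original chapter or from any vendor: one attacker sweeps an address space sequentially while the defender either leaves hosts in place or re-randomizes their addresses every `period` ticks, and the function reports how much of the attacker's recorded map is still correct when the sweep ends. All sizes, rates, names and the seed are assumptions chosen for illustration.

```python
import random


def _place(hosts, space, rng):
    """Assign each host id a distinct random address (constructed layout)."""
    return dict(zip(range(hosts), rng.sample(range(space), hosts)))


def valid_map_fraction(space=256, hosts=16, rate=8, period=None, rng=None):
    """Fraction of the attacker's recorded (address, host) pairs that are
    still correct when one full sequential sweep of the space finishes.

    period=None models a static network; otherwise the defender moves every
    host to a fresh random address each `period` ticks.
    """
    if rng is None:
        rng = random.Random()
    layout = _place(hosts, space, rng)
    seen = {}  # attacker's map: address -> host id observed there
    for tick in range(space // rate):
        if period and tick and tick % period == 0:
            layout = _place(hosts, space, rng)  # defender re-randomizes
        by_addr = {addr: host for host, addr in layout.items()}
        # The attacker probes `rate` consecutive addresses during this tick.
        for addr in range(tick * rate, (tick + 1) * rate):
            if addr in by_addr:
                seen[addr] = by_addr[addr]
    if not seen:
        return 0.0  # nothing was recorded, so nothing usable
    by_addr = {addr: host for host, addr in layout.items()}
    valid = sum(1 for addr, host in seen.items() if by_addr.get(addr) == host)
    return valid / len(seen)


def mean_valid_fraction(period, trials=200, seed=1):
    """Average valid_map_fraction over seeded trials so runs are repeatable."""
    rng = random.Random(seed)
    total = sum(valid_map_fraction(period=period, rng=rng) for _ in range(trials))
    return total / trials


if __name__ == "__main__":
    for period in (None, 16, 4, 1):
        label = "static" if period is None else f"move every {period} ticks"
        print(f"{label:>20}: {mean_valid_fraction(period):.2f} of map still valid")
```

In the static case the sweep yields a complete and permanently accurate map; as the re-randomization interval shrinks, only the entries recorded after the last move remain usable.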

The military is looking at many similar approaches to improve the security of its networks, especially combat control systems (Baker et al, 2011; Jones, 2011; Okhravi, et al, 2011; Wright, 2011). In November 2011, the Defense Advanced Research Projects Agency (DARPA) announced plans to increase cyber-security research by 50% (Hoover, 2011).

The next generation of networks may be significantly more robust, as could hardware and software systems. This will probably be accomplished by introducing more and more random behavior into the operational characteristics of systems, which will overcome many of the disadvantages of our current environment, in which the majority of systems are identical platform software deployed on identical hardware connected in static networks running on a single vendor's equipment (Jajodia, et al, 2011). Much will depend on decision makers recognizing the threats and being willing to invest both intellectual and financial capital in understanding the risks and applying appropriate defensive technologies.

Hoover, J. Nicholas, "DARPA Boosts Cybersecurity Research Spending 50%", *Information Week*, Nov 7, 2011, www.informationweek.com/news/government/security/231902495.

Jajodia, S.; Ghosh, A.; Swarup, V.; Wang, C.; Wang, X.S. (Eds.), Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats Series: Advances in Information Security, 1st Ed, 2011.

Jones, Andrew T., "Preparing the Air Force for Computer Network Operations", *High Frontier*, v 7 #3, May 2011.

Kemp, Anthony, *The Maginot Line: myth and reality*. Military Heritage Press. p. 14, 1988.

Kroll (2010). Global Fraud Report. Global Fraud Report - Annual Edition. USA, Kroll Consulting.

Masking Networks, "Network Address Vulnerabilities", white paper 2011, http://www.maskingnetworks.com/network-masking-technology/network-address-vulnerabilities

Microsoft, "Microsoft ASLR: Loading DLLs at a different location every boot", Feb 9, 2011, http://blogs.technet.com/b/virtualization/archive/2011/02/09/windows-7-andwindows-server-2008-r2-sp1-add-new-virtualization-innovations.aspx

Morningstar, Chip and F. Randall Farmer. The Lessons of Lucasfilm's Habitat. The New Media Reader. Ed. Wardrip-Fruin and Nick Montfort. The MIT Press, 2003. 664-667.

Norton, Inc., "Norton Cybercrime Report", 2011, http://www.symantec.com/content/en/us/home\_homeoffice/html/ncr/.

Okhravi, Hamed, et al., "Achieving Cyber Survivability in a Contested Environment Using a Cyber Moving Target", *High Frontier*, v 7 #3, May 2011.

Ponemon Institute, "Second Annual Cost of Cyber Crime Study: Benchmark Study of U.S. Companies", Aug 2011.

Poulsen, Kevin, "Feds Charge Cable Modem Modder With 'Aiding Computer Intrusion'", *Wired*, Nov 2, 2009.

Schwartz, Matthew J., "Most Businesses Don't Spot Hack Attacks", *Information Week*, Oct 5, 2011, www.informationweek.com/news/security/attacks/231900054.

Sebastien, M. (2011, 25 May, 2011). "Infographic: Cost of Sony's data hack could reach \$24 billion." PR Daily. Retrieved 9/13/11, from http://www.prdaily.com/Main/Articles/Infographic\_Cost\_of\_Sonys\_data\_hack\_could\_reach\_24\_8359.aspx.

Security Counterintelligence, Office of the National Counterintelligence Executive, "Foreign Spies Stealing US Economic Secrets in Cyberspace: Report to Congress on Foreign Economic Collection and Industrial Espionage, 2009-2011", Oct 2011.

Security Curmudgeon, "Absolute Sownage: A concise history of recent Sony hacks", June 4, 2011, http://attrition.org/security/rants/sony\_aka\_sownage.html.

U.C. Office, London, "The Cost of Cyber Crime", 2010.
