Genetic Algorithms For Tightening Security
Chapter
Published version
Permanent lenke
https://hdl.handle.net/11250/3060250Utgivelsesdato
2022Metadata
Vis full innførselSamlinger
- Publikasjoner fra CRIStin - NTNU [39196]
Sammendrag
Proper configuration of operating systems and program parameters is known to be a key security factor in order to remove vulnerabilities. It is known that vulnerabilities can be caused by a human misconfiguration or by an improper chain of parameter settings. It is impossible to find an optimal combination manually due to the enormous number of possible configurations. In this article, we resort to a Genetic Algorithm equipped with a user-defined fitness function in order to compute a configuration of high fitness. Our work presents a two-fold contribution. First, we successfully use a GA to implement a moving target defense by alerting the configuration regularly in order to spoil an attacker's reconnaissance efforts. The GA tightens the security solution by evolving the fitness of the configuration over generations while maintaining diversity within generations across a pool of servers. This resulted in high-quality configurations crucial for a successful moving target defense strategy. Second, we try to find a compromise between tightening the security of the configuration and maintaining the Quality of Service (QoS) on a web server. In practice, usually tightening security on a web server comes at the cost of a decrease in QoS.