Abstract
The static nature of many modern-day computing systems makes them easy to attack and hard to defend. Our adversaries have the time to study a system, identify its vulnerabilities, and attack at a time and place of their choosing. This gives them an asymmetric advantage, which is unacceptable.
Moving Target Defense (MTD) is the concept of introducing controlled change across multiple system dimensions in order to increase uncertainty and apparent complexity for attackers. This reduces their window of opportunity and increases the costs of their probing and attack efforts, rendering their surveillance obsolete.
NexiTech has developed an innovative MTD solution that provides enhanced security for data-in-flight. Our patented Moving Target Defense Framework uses storage virtualization to create multiple abstractions of a data storage device. Each abstraction represents a virtual "communications channel". A software agent in the host computer is synchronized with an agent in the storage device. We implement a moving target defense by periodically changing the communications channel, not unlike the frequency-hopping techniques that have been effectively used in the past with radio communications. We believe our solution pushes the state of the art by adding active cyber defense technologies to data storage devices for the first time ever.
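The abstract does not say how the host and storage agents stay synchronized. As an added illustration (not NexiTech's implementation), the sketch below assumes a pre-shared key, loosely synchronized clocks, and hypothetical values for the channel count and hop interval; both agents derive the current channel from an HMAC over the time epoch, and the device tolerates one epoch of clock skew.

```python
import hashlib
import hmac

NUM_CHANNELS = 16   # assumed number of virtual channels (storage abstractions)
HOP_INTERVAL = 30   # assumed seconds between hops
DEMO_KEY = bytes(range(32))  # constructed demo key; provision a random secret in practice

def channel_for_epoch(key: bytes, epoch: int, num_channels: int = NUM_CHANNELS) -> int:
    """Map a hop epoch to a channel index using HMAC-SHA256 as a keyed PRF."""
    if not 1 <= num_channels <= 256:
        raise ValueError("num_channels must be in 1..256")
    digest = hmac.new(key, epoch.to_bytes(8, "big"), hashlib.sha256).digest()
    # Rejection sampling over the digest bytes avoids modulo bias.
    limit = 256 - (256 % num_channels)
    for b in digest:
        if b < limit:
            return b % num_channels
    return digest[0] % num_channels  # reached only with negligible probability

def host_channel(key: bytes, now: float) -> int:
    """Host agent: channel to use for I/O issued at time `now` (seconds)."""
    return channel_for_epoch(key, int(now) // HOP_INTERVAL)

def device_accepts(key: bytes, channel: int, now: float, skew_epochs: int = 1) -> bool:
    """Storage agent: accept only channels valid for the current epoch,
    plus or minus `skew_epochs` to absorb clock drift at hop boundaries."""
    epoch = int(now) // HOP_INTERVAL
    valid = {
        channel_for_epoch(key, e)
        for e in range(max(0, epoch - skew_epochs), epoch + skew_epochs + 1)
    }
    return channel in valid

if __name__ == "__main__":
    t = 1_700_000_000  # constructed timestamp
    ch = host_channel(DEMO_KEY, t)
    print("host uses channel", ch)
    print("device accepts now:", device_accepts(DEMO_KEY, ch, t + 5))
    print("device accepts 10 hops later:", device_accepts(DEMO_KEY, ch, t + 10 * HOP_INTERVAL))
```

The skew window trades availability for exposure: each extra tolerated epoch raises the chance that a channel an observer recorded earlier is still accepted.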