Thimblerig: A Game-Theoretic, Adaptive, Risk-limiting Security System for Cloud Systems

A significant portion of organizations and applications host client facing servers on cloud-based systems. As the first line of access into a system's services, these client-facing servers have a significant attack surface from network adversaries. Once compromised, these systems may be used to send spam, mine crypto, launch DDoS attacks, or used for other nefarious purposes. We propose an adaptive moving target defense that uses game theory to optimize the security and cost to the cloud system. This system leverages the fault-tolerant capabilities of cloud systems with large numbers of client facing servers and the virtualization of these client facing servers by strategically crashing random systems. As a result, an attacker who has compromised a system loses access to it and incurs the cost of having to re-compromise the system once they notice it has been lost. This approach drastically limits the amount of time that an attacker can utilize compromised systems and raises the overall investment required for that time. We have demonstrated via simulation a 90% reduction in the amount of time that an attacker has control over a compromised system for realistic scenarios based on previous data collection of live systems. This approach is agnostic to the method of compromise, so it is even effective against zero-day attacks.