Moving Target Defense for Distributed Systems

摘要

An apparatus and method defends against computer attacks by destroying virtual machines on a schedule of destruction in which virtual machines are destroyed in either a random sequence or a round-robin sequence with wait times between the destruction of the virtual machines. Also, each virtual machine is assigned a lifetime and is destroyed at the end of its lifetime, if not earlier destroyed. Destroyed virtual machines are reincarnated by providing a substitute virtual machine and, if needed, transferring the state to the substitute virtual machine. User applications are migrated from the destroyed machine to the replacement machine. All virtual machines are monitored for an attack at a hypervisor level of cloud software using Virtual Machine Introspection, and if an attack is detected, the attacked virtual machine is destroyed and reincarnated ahead of schedule to create a new replacement machine on a different hardware platform using a different operating system.