Using cyber maneuver to improve network resiliency

The Net Maneuver Commander (NMC) is a research prototype cyber command and control (C2) system which constantly maneuvers network-based elements preemptively to improve network resiliency in a cyber compromised environment. Similar in concept to a frequency hopping radio, Network Maneuver Commander transparently and preemptively provides a moving target defense to evade attack. It utilizes randomization algorithms for maneuver destination selection, providing randomized synthetic diversity of hardware platforms, operating systems and network segments. Network Maneuver Commander also improves resiliency through random and pre-emptive application and platform reconstitution with check-pointing, reloading and resetting, and through the support of deception and containment of malware. The goals of the research were to increase the investment an attacker must make to succeed, increase the exposure of an attacker to detection as the attacker is forced to relearn the network and reestablish malware, increase the uncertainty of the success of the attack and to increase the overall survivability in the presence of attacks. This paper describes the Network Maneuver Commander architecture as well as the resiliency techniques provided including moving target defense, randomization, reconstitution, artificial diversity and deception. Lessons learned are also addressed.