Multi-model run-time security analysis - January 2015

Public Audience
Purpose: To highlight progress. Information is generally at a higher level which is accessible to the interested public.

PI(s): Jurgen Pfeffer
Co-PI(s): David Garlan, Bradley Schmerl
Researchers:

1) HARD PROBLEM(S) ADDRESSED (with short descriptions)

• Composability through multiple semantic models (here, architectural, organizational, and behavioral), which provide separation of concerns, while supporting synergistic benefits through integrated analyses.
• Scalability to large complex distributed systems using architectural models.
• Resilient architectures through the use of adaptive models that can be used at run-time to predict, detect and repair security attacks.
• Predictive security metrics by adapting social network-based metrics to the problem of architecture-level anomaly detection.

2) PUBLICATIONS

3) KEY HIGHLIGHTS

• We are addressing composability and metrics by developing a simulation environment that can be used to drive our research into using multiple semantic models. The simulation can be used to generate behavior traces through a representative cloud-based three-tier web system, from which architectural models, dynamic network models, and behavior models can be derived and analyzed. This will lead to metrics that can be used to detect behavior anomalies.
• Participated in poster session of the quarterly Lablet meeting July 1st, 2014