Vulnerability and Resilience Prediction Models - January 2015
Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.
PI(s): Mladen Vouk, Laurie Williams
Researchers: Da Young Lee, Roopak Venkatakrishnan
HARD PROBLEM(S) ADDRESSED
- Security Metrics and Models
- Resilient Architectures
- Scalability and Composability
Resilience of software to attacks is an open problem. Resilience depends on the science behind the approach used, as well as our engineering abilities. The scope of interests includes recognition of attacks through metrics and models we use to describe and recognize software vulnerabilities, and predict resilience to attacks in the field (Security Metrics and Models). It also depends on the software (and system) architecture(s) used (Resilient Architectures), and their scalability (Scalability and Composability). For example, if one has a number of highly attack-resilient components and appropriate attack sensors, is it possible to compose a resilient system from these parts, and how does that solution scale and age?
PUBLICATIONS
None in this quarter.
ACCOMPLISHMENT HIGHLIGHTS
- Assessment of back-to-back testing for detection of security attacks shows that a number of recent difficult-to-detect attacks on some popular web-servers are detectable through the use of commercial-of-the-shelf redundancy and diversity.
- We have a proof-of-concept implemenation of S-Kepler in operation involves reactive (epistemic) problem detection (typically patterns), as well as pro-active back-to-back soft sensors.