Resilience Requirements, Design, and Testing - October 2015

Public Audience
PI(s):  Kevin Sullivan, Mladen Vouk, Ehab Al-Shaer
Researchers: Ashiq Rahman and Mohamed Alsaleh (UNCC), Anoosha Vangaveeti (NCSU), Chong Tang (UVA)

HARD PROBLEM(S) ADDRESSED

Characterization of the attack resiliency of software-based systems needs to be done from their very inception, because without such characterization attack resiliency is not properly testable or implementable.

  • Resilient Architectures - vulnerability avoidance, evaluation and tolerance strategies and architectures.
  • Security Metrics and Models - development of metrics and models for static and dynamic assessment of resilience of software.

PUBLICATIONS

ACCOMPLISHMENT HIGHLIGHTS

  • Understanding the real-world effect of new security technologies on the cyber threat landscape helps us choose vulnerability avoidance, elimination and attack-tolerance methodologies and processes. Important here are real-world types, which document relevant characteristics of real-world entities and relate them to machine-level representations. This allows enforcement of real-world constraints in a systematic way, thereby enabling a new class of software fault detection mechanisms.
  • However, the overall field discovery rate of security problems for many open source operating systems and applications, such as the Fedora platform set, does not seem to have changed over a long time (20 or so releases). While this rate is orders of magnitude below that for non-security problems, it has a persistent and almost constant and predictable background presence. Furthermore, it would appear that both commercial and open-source programmers are making the same mistakes (e.g., those from the top 25 most frequent and dangerous security problems) over and over again.
  • There is evidence that it may be possible to move from a reactive cybersecurity attack stance to a proactive or pre-emptive one through employment of a combination of pre-cognitive run-time measurements and forward-recovery attack tolerance techniques.
  • We showed that existing anomaly-based intrusion detection systems (AIDS) are highly susceptible to detection evasion by parameter estimation attacks that can completely paralyze AIDS. We developed mathematical models to quantify and measure the potential for evasion across wide classes of AIDS. We also proposed a threshold randomization technique to provide resiliency against evasion. We showed that these metrics and analysis can establish a scientific foundation for rethinking AIDS design.
  • We developed two metrics to measure the effectiveness of proactive resiliency techniques such as moving target defense. We showed that the proposed metrics ("deterrence" and "detectability") can be accurately used to measure and compare the effectiveness of wide classes of adaptive cyber defenses, including network mutation.
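The threshold randomization highlight above can be illustrated with a small measurement a defender can run. This is an added example, not the project's code or its mathematical model; it assumes a single-feature detector, a threshold redrawn uniformly from [base - jitter, base] on every event, bisection as the estimation model, and constructed constants (`BASE`, `LO`, `HI`).

```python
import random

BASE = 60.0          # constructed nominal alert threshold
LO, HI = 0.0, 100.0  # constructed range of the monitored feature

def make_detector(base, jitter, rng):
    """alert(x) is True when x exceeds the threshold in force for that event.
    jitter == 0 gives a fixed threshold; jitter > 0 redraws the threshold
    uniformly from [base - jitter, base] per event (assumed scheme)."""
    def alert(x):
        return x > base - rng.uniform(0.0, jitter)
    return alert

def estimate_threshold(alert, lo, hi, probes=20):
    """Bisection over alert/no-alert feedback: the estimation model under test.
    Returns the largest probed value that produced no alert."""
    for _ in range(probes):
        mid = (lo + hi) / 2
        if alert(mid):
            hi = mid
        else:
            lo = mid
    return lo

def alert_rate(alert, x, events=200):
    """Fraction of later events at value x that still raise an alert."""
    return sum(alert(x) for _ in range(events)) / events

def residual_alert_rate(jitter, trials=200, seed=1):
    """Mean alert rate for traffic held at the estimated 'silent' value."""
    rng = random.Random(seed)
    total = 0.0
    for _ in range(trials):
        alert = make_detector(BASE, jitter, rng)
        total += alert_rate(alert, estimate_threshold(alert, LO, HI))
    return total / trials

if __name__ == "__main__":
    for jitter in (0.0, 5.0, 20.0):
        rate = residual_alert_rate(jitter)
        print(f"jitter={jitter:5.1f}  residual alert rate={rate:.3f}")
```

With a fixed threshold the residual alert rate is exactly zero, because the estimate converges just below the threshold. Under this assumed scheme the jitter also raises alerts on benign values between base - jitter and base, so the jitter width has to be weighed against the false-positive budget.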