Coordinated Machine Learning-Based Vulnerability & Security Patching for Resilient Virtual Computing Infrastructure
PI(s), Co-PI(s), Researchers:
PI: Helen Gu; Researchers: Olufogorehan Tunde-Onadele (Fogo)
HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.
Resilient Architectures
Our research aims to help administrators of virtualized computing infrastructures make services more resilient to security attacks. We apply machine learning to reduce both the security and functionality risks of software patching by continually monitoring patched and unpatched software to discover vulnerabilities and trigger proper security updates.
PUBLICATIONS
Papers written as a result of your research from the current quarter only.
KEY HIGHLIGHTS
In this quarter, we focused on designing and implementing runtime targeted patching techniques that extract exploit signatures for different vulnerabilities and perform targeted patching for the detected vulnerabilities. Compared to existing techniques, our approach aims at achieving a more intelligent and efficient security patching scheme for container systems. We evaluated our scheme over 32 real-world security vulnerabilities in 23 commonly used server applications. Results show that we can detect and classify 78% of the attacks in a timely manner, before they succeed in exploiting the tested vulnerabilities. Compared to traditional patching approaches (i.e., whole software upgrade), our targeted patching scheme can reduce memory footprint by over 50% and disk consumption by 23%. Furthermore, the traditional upgrade approach can fix only 4 out of the 32 tested vulnerabilities.
COMMUNITY ENGAGEMENTS
None.
EDUCATIONAL ADVANCES
One PhD student, Fogo (Olufogorehan Tunde-Onadele), is currently supported by the grant.