Visible to the public Coordinated Machine Learning-Based Vulnerability & Security Patching for Resilient Virtual Computing InfrastructureConflict Detection Enabled

Submitted by najmeri on Tue, 06/23/2020 - 3:31pm

PI(s), Co-PI(s), Researchers:

PI: Helen Gu; Researchers: Olufogorehan Tunde-Onadele (Fogo)

HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.

Resilient Architectures

Our research aims at aiding administrators of virtualized computing infrastructures in making services more resilient to security attacks through applying machine learning to reduce both security and functionality risks in software patching by continually monitoring patched and unpatched software to discover vulnerabilities and triggering proper security updates.

PUBLICATIONS
Papers written as a result of your research from the current quarter only.

Olufogorehan Tunde-Onadele, Yuhang Lin, Jingzhu He, and Xiaohui Gu. Toward Just-in-Time Patching for Containerized Applications. Proceedings of the 7th Annual Symposium on Hot Topics in the Science of Security Symposium. 2020, pages 1--2.

Olufogorehan Tunde-Onadele, Yuhang Lin, Jingzhu He, and Xiaohui Gu. Self-Patch: Beyond Patch Tuesday for Containerized Applications. Proceedings of the IEEE International Conference on Autonomic Computing and Self-Organizing Systems (ACSOS). 2020, pages 1--7.

KEY HIGHLIGHTS
Each effort should submit one or two specific highlights. Each item should include a paragraph or two along with a citation if available. Write as if for the general reader of IEEE S&P.
The purpose of the highlights is to give our immediate sponsors a body of evidence that the funding they are providing (in the framework of the SoS lablet model) is delivering results that "more than justify" the investment they are making.

We completed the design and initial prototype implementation of Self-Patch, a new self-triggering patching framework for applications running inside containers. We reported the work in a conference paper which has been accepted by IEEE International Conference on Autonomic Computing and Self-Organizing Systems (ACSOS) 2020. We further refined the design and implementation of CDL, a classified distributed learning framework to achieve efficient security attack detection for containerized applications. We wrote a paper about the work and submitted it for conference publication.

COMMUNITY ENGAGEMENTS

None.

EDUCATIONAL ADVANCES:

One PhD student Fogo (Olufogorehan Tunde-Onadele) is currently supported by the grant.

Groups: