Title | The Case for Robust Adaptation: Autonomic Resource Management is a Vulnerability |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Noor, Joseph, Ali-Eldin, Ahmed, Garcia, Luis, Rao, Chirag, Dasari, Venkat R., Ganesan, Deepak, Jalaian, Brian, Shenoy, Prashant, Srivastava, Mani |
Conference Name | MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM) |
Date Published | nov |
Keywords | ADAPT2, Adaptation models, attack surface, Autonomic computing, autonomic resource management techniques, Autonomic Security, composability, computer network security, crippling applications, distributed edge computing systems, Distributed Systems, dynamic placement, Dynamic scheduling, edge security, fault tolerant computing, Internet of Things, Internet-of-Things, load dynamics, Moving-Target Defense, obfuscate resource management, pubcrawl, quality of service, Resiliency, resource allocation, Resource management, resource management substrate, Robustness, security, side-channel attacks, single compromised node, Software, state estimation, state estimation techniques, valuable system |
Abstract | Autonomic resource management for distributed edge computing systems provides an effective means of enabling dynamic placement and adaptation in the face of network changes, load dynamics, and failures. However, adaptation in-and-of-itself offers a side channel by which malicious entities can extract valuable information. An attacker can take advantage of autonomic resource management techniques to fool a system into misallocating resources and crippling applications. Using a few scenarios, we outline how attacks can be launched using partial knowledge of the resource management substrate - with as little as a single compromised node. We argue that any system that provides adaptation must consider resource management as an attack surface. As such, we propose ADAPT2, a framework that incorporates concepts taken from Moving-Target Defense and state estimation techniques to ensure correctness and obfuscate resource management, thereby protecting valuable system and application information from leaking. |
DOI | 10.1109/MILCOM47813.2019.9020984 |
Citation Key | noor_case_2019 |