Visible to the public Coordinated Machine Learning-Based Vulnerability & Security Patching for Resilient Virtual Computing InfrastructureConflict Detection Enabled

Submitted by nzahan on Sat, 06/18/2022 - 8:40pm

PI(s), Co-PI(s), Researchers:

PI: Helen Gu; Researchers: Olufogorehan Tunde-Onadele (Fogo)

HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.

Resilient Architectures

Our research aims at aiding administrators of virtualized computing infrastructures in making services more resilient to security attacks through applying machine learning to reduce both security and functionality risks in software patching by continually monitoring patched and unpatched software to discover vulnerabilities and triggering proper security updates.

PUBLICATIONS
Papers written as a result of your research from the current quarter only.

"SHIL: Self-Supervised Hybrid Learning for Security Attack Detection in Containerized Applications", Yuhang Lin, Olufogorehan Tunde-Onadele, Xiaohui Gu Jingzhu He, and Hugo Latapie, The IEEE IEEE International Conference on Autonomic Computing and Self-Organizing Systems, September, 2022.

"Understanding Software Security Vulnerabilities in Cloud Server Systems", Olufogorehan Tunde-Onadele, Yuhang Lin, Xiaohui Gu and Jingzhu He, The IEEE International Conference on Cloud Engineering (IC2E), September, 2022.

"Toward Automatic Detection of Cloud Server Security Vulnerabilities",
Olufogorehan Tunde-Onadele, Yuhang Lin, Xiaohui Gu, and Jingzhu He
9th Annual Symposium on Hot Topics in the Science of Security Symposium (HotSoS), poster session, April, 2022.

KEY HIGHLIGHTS

In this quarter, both our self-supervised hybrid machine learning work and our software security vulnerability work were accepted for conference publication.

We continued to refine our security bug detection work using new static program analysis and pattern extraction techniques. Our initial results show that we can detect the culprit code block with sufficiently low false positives.


Each effort should submit one or two specific highlights. Each item should include a paragraph or two along with a citation if available. Write as if for the general reader of IEEE S&P.
The purpose of the highlights is to give our immediate sponsors a body of evidence that the funding they are providing (in the framework of the SoS lablet model) is delivering results that "more than justify" the investment they are making.


COMMUNITY ENGAGEMENTS

EDUCATIONAL ADVANCES:

Groups: