An Automated Synthesis Framework for Network Security and Resilience - October 2022

PI: Matthew Caesar

Co-PI: Dong (Kevin) Jin

Researchers: Matthew Caesar, Dong (Kevin) Jin, Bingzhe Liu, Santhosh Prabhu, Xiaoliang Wu

HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.

This project is developing the analysis methodology needed to support scientific reasoning about the resilience and security of networks, with a particular focus on network control and information/data flow. The core of this vision is an automated synthesis framework (ASF), which will automatically derive network state and repairs from a set of specified correctness requirements and security policies. ASF consists of a set of techniques for performing and integrating security and resilience analyses, applied at different layers in a real-time and automated fashion. This project is building both the theoretical underpinnings and a practical realization of Science of Security. The proposed project covers four hard problems: (1) resilient architectures (primary), (2) scalability and composability, (3) policy-governed secure collaboration, and (4) security-metrics-driven evaluation, design, development and deployment.

PUBLICATIONS

  • Reuben Samson Raj and Dong Jin. A Framework to Evaluate PMU Networks for Resiliency Under Network Failure Conditions. In Proceedings of the 2020 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm) 2022
  • Umar Farooq, Mubashir Anwar, Haris Noor, Rashid Tahir, Santhosh Prabhu, Ali Kheradmand, Matthew Caesar, Fareed Zaffar, FORTIFY: Software Defined Data Plane Resilience, IEEE NFV-SDN, November 2022.

KEY HIGHLIGHTS

In the current quarter, our project progress is centered on addressing SoS lablet hard problems primarily in resilient architecture. Key highlights are listed as follows.

  • We continue to develop a simulation-based platform for cyber-physical system resilience and security evaluation, which addresses the resilient architecture and scalability hard problems. In the current quarter, we discovered that when non-CPU resources (e.g., disk I/O, network I/O, GPU) are overwhelmingly used, our existing virtual time system yields fidelity issues. Therefore, we propose a new module, Dynamic I/O Load Monitor, to be integrated into VT-IO to improve the emulation fidelity. We conducted comprehensive experiments to analyze the performance of VT-IO under various I/O loads. We then mathematically modeled the behavior of the I/O load and developed an I/O task scheduling algorithm. The next step is to implement the module in the Linux kernel, so that it dynamically adjusts the I/O time based on the current load of the host machine to maintain high temporal fidelity, and to evaluate it extensively.
  • We continue to explore methods to detect and mitigate attacks caused by IoT botnets in the context of the smart grid to address the resilient architecture hard problem. In the current quarter, we propose a new programmable IoT network architecture and a federated machine learning based detection model to identify suspicious attack packets. We are adding P4 switch support to our testbed, which integrates OpenDSS and Mininet, for MAD attack simulation, detection model training, and mitigation method evaluation. We recently presented a research poster "Yanfeng Qu, Gong Chen, Zheng Hu, Su Feng, Dong Jin. Detection and Mitigation of IoT-Based Load Altering Attacks in Microgrid" at the IIT Student Research Seminar in Fall 2022.
  • We have developed a design and evaluation framework for a self-driving "service provider infrastructure" that leverages our prior work on verification and synthesis to address the resilient architecture hard problem. In the current quarter, we continue to focus on network and container orchestration systems (e.g., Kubernetes). Our platform leverages AI planning algorithms to synthesize the steps the system needs to take to protect itself against incoming attacks from an intelligent adversary. The team also has a collaborative research project on applying model checking to embedded devices and networks. One application is to verify the power system's full observability policy in phasor measurement unit (PMU) network design under cyber-attacks and link/device failures. We designed a three-step algorithm to evaluate the resilience of a PMU network in the context of link failures. We modeled the PMU network as a connected graph and checked the reachability of PMU nodes to phasor data concentrator (PDC) nodes for link failure combinations, given an expected number of links that fail simultaneously. Using the IEEE 14-bus system, we illustrated the construction of the graph model and the solution design. We also performed a comparative evaluation of how adding redundant links to the network improves power system observability on the IEEE 118-bus system. A paper describing the work has been accepted by the 2022 IEEE SmartGridComm conference.
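
The link-failure reachability check described in the last highlight, as an added sketch: this is not the project's code and does not reproduce the paper's three-step algorithm. The topology is a small constructed one (not the IEEE 14-bus model), and the node names and the `evaluate` helper are assumptions.

```python
from collections import deque
from itertools import combinations

# Constructed sample topology: three PMUs, two switches, one PDC.
PMUS = {"pmu1", "pmu2", "pmu3"}
PDCS = {"pdc1"}
BASE_LINKS = [
    ("pmu1", "sw1"), ("pmu2", "sw1"), ("pmu3", "sw2"),
    ("sw1", "sw2"), ("sw1", "pdc1"), ("sw2", "pdc1"),
]
# Same network with a second access link per PMU (redundant design).
REDUNDANT_LINKS = BASE_LINKS + [
    ("pmu1", "sw2"), ("pmu2", "sw2"), ("pmu3", "sw1"),
]

def reachable_from(sources, links):
    """Breadth-first search over undirected links, started at all sources."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    seen = set(sources)
    queue = deque(sources)
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def evaluate(links, pmus, pdcs, k):
    """Fail every combination of k links; record which PMUs lose all PDCs.

    Returns (fraction of combinations that keep every PMU connected,
             list of (failed_links, cut_off_pmus) for the rest).
    """
    total, breaking = 0, []
    for failed in combinations(links, k):
        total += 1
        surviving = [link for link in links if link not in failed]
        lost = pmus - reachable_from(pdcs, surviving)
        if lost:
            breaking.append((failed, sorted(lost)))
    return (total - len(breaking)) / total, breaking

if __name__ == "__main__":
    for name, links in (("base", BASE_LINKS), ("redundant", REDUNDANT_LINKS)):
        for k in (1, 2):
            score, bad = evaluate(links, PMUS, PDCS, k)
            print(f"{name:9s} k={k}: {score:.2f} survive, {len(bad)} breaking")
```

In the base design every PMU access link is a single point of failure; the redundant design survives any single link failure and loses observability only when both access links of one PMU, or both PDC uplinks, fail together.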

COMMUNITY ENGAGEMENTS

  • Matthew Caesar is serving as the Vice Chair for ACM SIGCOMM.
  • Matthew Caesar is serving on the Steering Committees for ACM CoNEXT and ACM SOSR.
  • Kevin Jin is serving as a Program Co-chair for ACM SIGSIM-PADS 2023.
  • Kevin Jin is serving as a guest editor for the TOMACS-PADS special issue 2022/2023.
  • Matthew Caesar will serve on the Program Committee for USENIX NSDI 2023.
  • Matthew Caesar is serving as a co-chair for the Networking Channel (https://networkingchannel.eu/), an online talk series for computer networking, systems, and security topics that is a joint initiative between EU's Empower initiative, the National Science Foundation's PAWR office, and ACM SIGCOMM. Talks are held online and are open to all, to provide broad reach into the community.

EDUCATIONAL ADVANCES

  • Neil Getty successfully defended his Ph.D. dissertation in July 2022. He joined Argonne National Lab as a Computational Scientist.
  • Matthew Caesar has undertaken substantial work to update his Internet of Things MOOC, which reaches over 17,000 students, including development of two new laboratory assignments allowing students to explore cybersecurity of Cisco IOS and core networks, as well as AWS IoT and cloud IoT platforms.
  • Matthew Caesar is also teaching CS 437: Internet of Things at the University of Illinois, which covers advanced concepts and security practices in IoT, and which will be taught to about 150 on-campus graduates/undergraduates, as well as about 150 graduate students who are part of the Illinois Masters in Computer Science program, many of whom are software development professionals working in companies across many sectors.