In the context of an autonomic environment, we present a simple yet effective Danger Theory based method to detect TCP SYN flooding attacks. An autonomous communication network consists of self-managed (i.e. self-configuring, self-aware, self-optimizing, self-healing and self-protecting, collectively denoted as self-*) entities. These self-* properties ensure that the network functions with no or very minimal human intervention. In such an environment, securing the system is very challenging, as there is no dedicated authority to monitor malicious activities and each entity, that is, each computing device, has to monitor itself. The denial of service (DoS) attack, in particular the flooding attack, is one of the most frequent and devastating attacks on networks. Traditionally, flooding attacks are detected by a network-based intrusion detection system (IDS) that relies mainly on the statistical characteristics of network data, with fine tuning from a human administrator who monitors the traffic continuously. Obviously, such a facility is not assumed in autonomic networks. We therefore propose a danger theory based approach that can detect DoS attacks automatically. The proposed scheme is able to detect a SYN flood attack in its early stage, thereby making it possible to control the damage. To empirically validate our proposal, we conduct experiments in a simulated environment, and the results are encouraging. We assert that the work will be useful in designing the security of autonomic networks.