Turtles all the way down: a clean-slate, ground-up, first-principles approach to secure systems
Proceedings of the 2012 workshop on New security paradigms
Architecture-based self-protecting software systems
Proceedings of the 9th international ACM Sigsoft conference on Quality of software architectures
A Systematic Survey of Self-Protecting Software Systems
ACM Transactions on Autonomous and Adaptive Systems (TAAS) - Special Section on Best Papers from SEAMS 2012
Hi-index | 0.00 |
Current cyber defenses are reactive and cannot protect against customized malware and other zero day attacks which persist for many weeks. Using Receiver Operating Characteristic curve analysis and damage cost models, we trade-off the true positive rate and false positive rate to compare alternative architectures. This analysis provides optimal value(s) of Probability of Detection by evaluating the potential damage from a missed intrusion and costs of processing false positives. In this paper, we propose an approach which involves determining the influencing factors of each strategy and studying the impact of their variations within the context of an integrated intrusion defense strategy. Our goal is to manage the intrusion risks by proactively scheduling recovery for dependable networks.