Acme: architectural description of component-based systems
Foundations of component-based systems
Practical byzantine fault tolerance and proactive recovery
ACM Transactions on Computer Systems (TOCS)
The Vision of Autonomic Computing
Computer
Software Rejuvenation: Analysis, Module and Applications
FTCS '95 Proceedings of the Twenty-Fifth International Symposium on Fault-Tolerant Computing
Security in an autonomic computing environment
IBM Systems Journal
ADEPTS: Adaptive Intrusion Response Using Attack Graphs in an E-Commerce Environment
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
A taxonomy of intrusion response systems
International Journal of Information and Computer Security
IEEE Software
Evaluating the effectiveness of the Rainbow self-adaptive system
SEAMS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Adaptive and Self-Managing Systems
Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery
IEEE Transactions on Parallel and Distributed Systems
VASP: virtualization assisted security monitor for cross-platform protection
Proceedings of the 2011 ACM Symposium on Applied Computing
Architecture-based run-time fault diagnosis
ECSA'11 Proceedings of the 5th European conference on Software architecture
A Comparison of Intrusion-Tolerant System Architectures
IEEE Security and Privacy
Combining intrusion detection and recovery for enhancing system dependability
DSNW '11 Proceedings of the 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops
Stitch: A language for architecture-based self-adaptation
Journal of Systems and Software
Diagnosing architectural run-time failures
Proceedings of the 8th International Symposium on Software Engineering for Adaptive and Self-Managing Systems
Hi-index | 0.00 |
Since conventional software security approaches are often manually developed and statically deployed, they are no longer sufficient against today's sophisticated and evolving cyber security threats. This has motivated the development of self-protecting software that is capable of detecting security threats and mitigating them through runtime adaptation techniques. In this paper, we argue for an architecture-based self- protection (ABSP) approach to address this challenge. In ABSP, detection and mitigation of security threats are informed by an architectural representation of the running system, maintained at runtime. With this approach, it is possible to reason about the impact of a potential security breach on the system, assess the overall security posture of the system, and achieve defense in depth. To illustrate the effectiveness of this approach, we present several architecture adaptation patterns that provide reusable detection and mitigation strategies against well-known web application security threats. Finally, we describe our ongoing work in realizing these patterns on top of Rainbow, an existing architecture-based adaptation framework.