A model-based approach to self-protection in computing system

Authors:
Qian Chen;Sherif Abdelwahed;Abdelkarim Erradi
Affiliations:
Mississippi State University;Mississippi State University;Qatar University
Venue:
Proceedings of the 2013 ACM Cloud and Autonomic Computing Conference
Year:
2013

Citing 11
Cited 0

The Vision of Autonomic Computing

Computer
IFTS: Intrusion Forecast and Traceback based on Union Defense Environment

ICPADS '05 Proceedings of the 11th International Conference on Parallel and Distributed Systems - Volume 01
Diversity to Enhance Autonomic Computing Self-Protection

ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
A survey of autonomic computing—degrees, models, and applications

ACM Computing Surveys (CSUR)
Inoculation against malware infection using kernel-level software sensors

Proceedings of the 8th ACM international conference on Autonomic computing
Self-Protection in a Clustered Distributed System

IEEE Transactions on Parallel and Distributed Systems
On the application of predictive control techniques for adaptive performance management of computing systems

IEEE Transactions on Network and Service Management
Quality-of-protection (QoP)-an online monitoring and self-protection mechanism

IEEE Journal on Selected Areas in Communications
A self-tuning self-optimizing approach for automated network anomaly detection systems

Proceedings of the 9th international conference on Autonomic computing
A Self-Protection Mechanism against Stepping-Stone Attacks for IaaS Clouds

UIC-ATC '12 Proceedings of the 2012 9th International Conference on Ubiquitous Intelligence and Computing and 9th International Conference on Autonomic and Trusted Computing
Towards automatic security management: a model-based approach

Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper introduces a model-based autonomic security management (ASM) approach to estimate, detect and identify security attacks along with planning a sequence of actions to effectively protect the networked computing system. In the proposed approach, sensors collect system and network parameters and send the data to the forecasters and the intrusion detection systems (IDSes). A multi-objective controller selects the optimal protection method to recover the system based on the signature of attacks. The proposed approach is demonstrated on several case studies including Denial of Service (DoS) attacks, SQL Injection attacks and memory exhaustion attacks. Experiments show that the ASM approach can successfully defend and recover the victim host from known and unknown attacks while maintaining QoS with low overheads.