How to withstand mobile virus attacks (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Extending and formalizing the framework for information systems architecture
IBM Systems Journal
Inoculating software for survivability
Communications of the ACM
An introduction to intrusion detection
Crossroads - Special issue on computer security
Supporting reconfigurable security policies for mobile programs
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
Intrusion detection inter-component adaptive negotiation
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Practical byzantine fault tolerance and proactive recovery
ACM Transactions on Computer Systems (TOCS)
Toward cost-sensitive modeling for intrusion detection and response
Journal of Computer Security
The Vision of Autonomic Computing
Computer
Experience with EMERALD to Date
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
The Design and Implementation of an Intrusion Tolerant System
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
SAM: Security Adaptation Manager
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
HICSS '03 Proceedings of the 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 9 - Volume 9
Building Auto-Adaptive Distributed Applications: The QuO-APOD Experience
ICDCSW '03 Proceedings of the 23rd International Conference on Distributed Computing Systems
Software Rejuvenation: Analysis, Module and Applications
FTCS '95 Proceedings of the Twenty-Fifth International Symposium on Fault-Tolerant Computing
Threat Modeling
Security in an autonomic computing environment
IBM Systems Journal
Automatic analysis of firewall and network intrusion detection system configurations
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Adaptive Cyberdefense for Survival and Intrusion Tolerance
IEEE Internet Computing
Toward autonomic web services trust and selection
Proceedings of the 2nd international conference on Service oriented computing
ADEPTS: Adaptive Intrusion Response Using Attack Graphs in an E-Commerce Environment
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
The taser intrusion recovery system
Proceedings of the twentieth ACM symposium on Operating systems principles
Fast and automated generation of attack signatures: a basis for building self-protecting servers
Proceedings of the 12th ACM conference on Computer and communications security
Towards self-protecting ubiquitous systems: monitoring trust-based interactions
Personal and Ubiquitous Computing
Survivability Architecture of a Mission Critical System: The DPASA Example
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Closing Cluster Attack Windows Through Server Redundancy and Rotations
CCGRID '06 Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid
Architecture-based self-adaptation in the presence of multiple objectives
Proceedings of the 2006 international workshop on Self-adaptation and self-managing systems
Intrusion-Tolerant Middleware: The Road to Automatic Security
IEEE Security and Privacy
SRDS '06 Proceedings of the 25th IEEE Symposium on Reliable Distributed Systems
Guest Editorial: From intrusion detection to self-protection
Computer Networks: The International Journal of Computer and Telecommunications Networking
SweetBait: Zero-hour worm detection and containment using low- and high-interaction honeypots
Computer Networks: The International Journal of Computer and Telecommunications Networking
Protecting host-based intrusion detectors through virtual machines
Computer Networks: The International Journal of Computer and Telecommunications Networking
A self-aware approach to denial of service defence
Computer Networks: The International Journal of Computer and Telecommunications Networking
Using the danger model of immune systems for distributed defense in modern data networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Automated adaptive intrusion containment in systems of interacting services
Computer Networks: The International Journal of Computer and Telecommunications Networking
Journal of Systems and Software
Towards security monitoring patterns
Proceedings of the 2007 ACM symposium on Applied computing
A Cost-Sensitive Model for Preemptive Intrusion Response Systems
AINA '07 Proceedings of the 21st International Conference on Advanced Networking and Applications
Self-Managed Systems: an Architectural Challenge
FOSE '07 2007 Future of Software Engineering
Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A Survey of Approaches to Adaptive Application Security
SEAMS '07 Proceedings of the 2007 International Workshop on Software Engineering for Adaptive and Self-Managing Systems
Adaptive SSL: Design, Implementation and Overhead Analysis
SASO '07 Proceedings of the First International Conference on Self-Adaptive and Self-Organizing Systems
An Adaptive Security Model for Multi-agent Systems and Application to a Clinical Trials Environment
COMPSAC '07 Proceedings of the 31st Annual International Computer Software and Applications Conference - Volume 02
Hypervisor-Based Efficient Proactive Recovery
SRDS '07 Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems
Towards Self-Protecting Enterprise Applications
ISSRE '07 Proceedings of the The 18th IEEE International Symposium on Software Reliability
Boosting-Based Distributed and Adaptive Security-Monitoring through Agent Collaboration
WI-IATW '07 Proceedings of the 2007 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology - Workshops
Resilient Intrusion Tolerance through Proactive and Reactive Recovery
PRDC '07 Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing
Application-level isolation and recovery with solitude
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Application of autonomic agents for global information grid management and security
Proceedings of the 2007 Summer Computer Simulation Conference
A taxonomy of intrusion response systems
International Journal of Information and Computer Security
Autonomic trust reasoning enables misbehavior detection in OLSR
Proceedings of the 2008 ACM symposium on Applied computing
An adaptive automatically tuning intrusion detection system
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
A survey of autonomic computing—degrees, models, and applications
ACM Computing Surveys (CSUR)
Applying component-based design to self-protection of ubiquitous systems
Proceedings of the 3rd ACM workshop on Software engineering for pervasive services
A proactive wireless self-protection system
Proceedings of the 5th international conference on Pervasive services
A Survey of Context Adaptation in Autonomic Computing
ICAS '08 Proceedings of the Fourth International Conference on Autonomic and Autonomous Systems
Policy-Based Enforcement of Database Security Configuration through Autonomic Capabilities
ICAS '08 Proceedings of the Fourth International Conference on Autonomic and Autonomous Systems
Architecting Dependable and Secure Systems Using Virtualization
Architecting Dependable Systems V
A Model-Based Framework for Security Policy Specification, Deployment and Testing
MoDELS '08 Proceedings of the 11th international conference on Model Driven Engineering Languages and Systems
IEEE Software
A Dynamic and Self-Adaptive Network Security Policy Realization Mechanism
NPC '08 Proceedings of the 2008 IFIP International Conference on Network and Parallel Computing
Using a Cognitive Architecture to Automate Cyberdefense Reasoning
BLISS '08 Proceedings of the 2008 Bio-inspired, Learning and Intelligent Systems for Security
Multi-Level Intrusion Detection System (ML-IDS)
ICAC '08 Proceedings of the 2008 International Conference on Autonomic Computing
A QoS and Security Adaptation Model for Autonomic Pervasive Systems
COMPSAC '08 Proceedings of the 2008 32nd Annual IEEE International Computer Software and Applications Conference
Vigilante: End-to-end containment of Internet worm epidemics
ACM Transactions on Computer Systems (TOCS)
Self-optimization of secure web services
Computer Communications
GEMOM - Significant and Measurable Progress beyond the State of the Art
ICSNC '08 Proceedings of the 2008 Third International Conference on Systems and Networks Communications
Runtime Security Adaptation Using Adaptive SSL
PRDC '08 Proceedings of the 2008 14th IEEE Pacific Rim International Symposium on Dependable Computing
AutoISES: automatically inferring security specifications and detecting violations
SS'08 Proceedings of the 17th conference on Security symposium
An adaptive security model using agent-oriented MDA
Information and Software Technology
Self-adaptive software: Landscape and research challenges
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Computer Networks: The International Journal of Computer and Telecommunications Networking
Self-Architecting Software SYstems (SASSY) from QoS-annotated activity models
PESOS '09 Proceedings of the 2009 ICSE Workshop on Principles of Engineering Service Oriented Systems
Software Engineering for Self-Adaptive Systems: A Research Roadmap
Software Engineering for Self-Adaptive Systems
From Auto-adaptive to Survivable and Self-Regenerative Systems Successes, Challenges, and Future
NCA '09 Proceedings of the 2009 Eighth IEEE International Symposium on Network Computing and Applications
Understanding SCA (Service Component Architecture)
Understanding SCA (Service Component Architecture)
Danger theory based SYN flood attack detection in autonomic network
Proceedings of the 2nd international conference on Security of information and networks
A Framework for Cost Sensitive Assessment of Intrusion Response Selection
COMPSAC '09 Proceedings of the 2009 33rd Annual IEEE International Computer Software and Applications Conference - Volume 01
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Run-time selection of security algorithms for networked devices
Proceedings of the 5th ACM symposium on QoS and security for wireless and mobile networks
Ripley: automatically securing web 2.0 applications through replicated execution
Proceedings of the 16th ACM conference on Computer and communications security
Dynamic security policy learning
Proceedings of the first ACM workshop on Information security governance
DASC '09 Proceedings of the 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing
Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery
IEEE Transactions on Parallel and Distributed Systems
A software framework for autonomic security in pervasive environments
ICISS'07 Proceedings of the 3rd international conference on Information systems security
A Policy Management Framework for Self-Protection of Pervasive Systems
ICAS '10 Proceedings of the 2010 Sixth International Conference on Autonomic and Autonomous Systems
An exemplary attack scenario: threats to production engineering inspired by the Conficker worm
Proceedings of the First International Workshop on Digital Engineering
Adaptive security level for data aggregation in wireless sensor networks
ISWPC'10 Proceedings of the 5th IEEE international conference on Wireless pervasive computing
Security-driven model-based dynamic adaptation
Proceedings of the IEEE/ACM international conference on Automated software engineering
Putting together QoS and security in autonomic pervasive systems
Proceedings of the 6th ACM workshop on QoS and security for wireless and mobile networks
The use of artificial intelligence based techniques for intrusion detection: a review
Artificial Intelligence Review
Virtual Security Kernel: A Component-Based OS Architecture for Self-Protection
CIT '10 Proceedings of the 2010 10th IEEE International Conference on Computer and Information Technology
Security-Measurability-Enhancing Mechanisms for a Distributed Adaptive Security Monitoring System
SECURWARE '10 Proceedings of the 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies
A survey on self-healing systems: approaches and systems
Computing - Cloud Computing
VASP: virtualization assisted security monitor for cross-platform protection
Proceedings of the 2011 ACM Symposium on Applied Computing
A framework for evaluating quality-driven self-adaptive software systems
Proceedings of the 6th International Symposium on Software Engineering for Adaptive and Self-Managing Systems
Stuxnet: Dissecting a Cyberwarfare Weapon
IEEE Security and Privacy
A Comparison of Intrusion-Tolerant System Architectures
IEEE Security and Privacy
Adaptive Rule-Based Malware Detection Employing Learning Classifier Systems: A Proof of Concept
COMPSACW '11 Proceedings of the 2011 IEEE 35th Annual Computer Software and Applications Conference Workshops
Combining intrusion detection and recovery for enhancing system dependability
DSNW '11 Proceedings of the 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops
A survey of security in multi-agent systems
Expert Systems with Applications: An International Journal
Development and runtime support for situation-aware security in autonomic computing
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Self-Protection in a Clustered Distributed System
IEEE Transactions on Parallel and Distributed Systems
FORMS: Unifying reference model for formal specification of distributed self-adaptive systems
ACM Transactions on Autonomous and Adaptive Systems (TAAS) - Special section on formal methods in pervasive computing, pervasive adaptation, and self-adaptive systems: Models and algorithms
Taxonomies of attacks and vulnerabilities in computer systems
IEEE Communications Surveys & Tutorials
An Automatically Tuning Intrusion Detection System
IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics
Countering Network-Centric Insider Threats through Self-Protective Autonomic Rule Generation
SERE '12 Proceedings of the 2012 IEEE Sixth International Conference on Software Security and Reliability
Formal Certification and Compliance for Run-Time Service Environments
SCC '12 Proceedings of the 2012 IEEE Ninth International Conference on Services Computing
Requirements-driven adaptive security: Protecting variable assets at runtime
RE '12 Proceedings of the 2012 IEEE 20th International Requirements Engineering Conference (RE)
| Hi-index | 0.00 |
Self-protecting software systems are a class of autonomic systems capable of detecting and mitigating security threats at runtime. They are growing in importance, as the stovepipe static methods of securing software systems have been shown to be inadequate for the challenges posed by modern software systems. Self-protection, like other self-* properties, allows the system to adapt to the changing environment through autonomic means without much human intervention, and can thereby be responsive, agile, and cost effective. While existing research has made significant progress towards autonomic and adaptive security, gaps and challenges remain. This article presents a significant extension of our preliminary study in this area. In particular, unlike our preliminary study, here we have followed a systematic literature review process, which has broadened the scope of our study and strengthened the validity of our conclusions. By proposing and applying a comprehensive taxonomy to classify and characterize the state-of-the-art research in this area, we have identified key patterns, trends and challenges in the existing approaches, which reveals a number of opportunities that will shape the focus of future research efforts.