| Intelligent Distributed Computing Department |
| Distributed Systems Technology Group Papers |
|
|
|
|
Automating Cyber Defense Management
Citation: Partha Pal, Franklin Webber, Michael Atighetchi, Paul Rubel, Paul Benjamin. Automating Cyber Defense Management. Second International Workshop on Recent Advances in Intrusion Tolerant Systems at EuroSys 2008, Glasgow, UK, Mar 31- Apr 4, 2008.
Formats: pdf
Abstract Last year, we reported [1] our success in setting a new high-water mark for intrusion tolerance. That success can largely be attrib-uted to our use of a survivability architecture, which refers to the organization of a set of concrete defense mechanisms for pre-venting intrusion, and for detecting and responding to intrusions that cannot be prevented. The system defense-enabled with the DPASA survivability architecture [2] showed a high level of re-sistance to sustained attacks by sophisticated adversaries, but needed expert operators to perform the role of an intelligent con-trol loopinterpreting the events reported by the survivable system as well as deciding in some cases which defense mecha-nisms to actuate. We took the position that the survivability archi-tecture must be extended to include part, if not all, of the func-tionality of the intelligent control loop. This paper is a work in progress report of our current research attempting to introduce a cognitive control loop into survivability architectures.
