Cybersecurity Collaboratory

2013-2018

Cyberspace Threat Identification, Analysis and Proactive Response

Autonomic Cyber Security: Design, Analysis and Evaluation (Salim Hariri, Jerzy Rosenblit, Youssif Alnashif, Ali Akoglu)

Abstract

The increased dependence on cyber systems in business, finance, government and education makes them prime targets for cyberattacks due to the profound and catastrophic damage these attacks might inflict on our economy and all aspects of our life. It is widely recognized that cyber resources and services can be penetrated and exploited. Furthermore, it is widely accepted that cyber-resilient techniques are the most promising solutions to mitigate cyberattacks and change the game to advantage the defender over the attacker. In this presentation, I will present an approach based on biological systems to develop autonomic cybersecurity technologies that will significantly change how we manage, secure and protect cyber resources and services. Our approach is based on autonomic computing (self-managing systems with little or no involvement from users or system administrators), data mining, and anomaly behavior analysis techniques. The main building components to implement Autonomic Cyber Security (ACS) are: 1) Appflow to accurately detect the current operational state of any cyber system and predict its behavior in the near future; 2) Anomaly Behavior Analysis (ABA) methodology that can detect with high accuracy and almost no false alarms any anomalous behavior triggered by cyberattacks, faults (hardware or software) and accidents (malicious or natural); and 3) Self-Management Engine to deliver automated and semi-automated actions so we can proactively stop or mitigate the impacts of cyberattacks. I will show through several examples how to apply ACS to secure and protect a wide range of cyber systems and applications.

A short bio

Salim Hariri is a Professor in the Department of Electrical and Computer Engineering at The University of Arizona. He received his Ph.D. in computer engineering from the University of Southern California in 1986, and an MSc from The Ohio State University in 1982. He is the UA site director of the NSF Center for Cloud and Autonomic Computing and he is the Editor-In-Chief for the CLUSTER COMPUTING JOURNAL (Springer, http://clus.edmgr.com) that presents research techniques and results in the area of high speed networks, parallel and distributed computing, software tools, and network-centric applications. He is the Founder of the IEEE/ACM International Symposium on High Performance Distributed Computing (HPDC) and the co-founder of the IEEE/ACM International Conference on Autonomic Computing and ACM Cloud and Autonomic Computing Conference. He is co-author/editor of four books on autonomic computing, parallel and distributed computing: Autonomic Computing: Concepts, Infrastructure, and Applications (CRC Press, 2007), Tools and Environments for Parallel and Distributed Computing (Wiley, 2004), Virtual Computing: Concept, Design and Evaluation (Kluwer, 2001), and Active Middleware Services (Kluwer, 2000). Dr. Hariri developed innovative cybersecurity behavior analysis tools, resilient cloud services, and autonomic software tools including AUTONOMIA: An Autonomic Control and Management Environment, Platform Autonomic Manager to automatically manage and control the applications and the computing resources of any high performance computing system, Autonomic Network Defense (AND) to secure and protect networks against any type of network attacks (known or unknown), and Autonomic Critical Infrastructure Protection (ACIP) system to secure and protect industrial control systems such as smart grids, smart buildings and cities.
