Annual Computer Security Applications Conference (ACSAC) 2012

Full Program »

T8: Systems Resilience and Metrics: A Cyber Security Perspective

Tuesday, 4 December 2012
13:30 - 17:00

Sussex

Resilience is generally considered to be a highly desirable property for critical systems and applications.  However, as much as the term has been used and applied in different contexts, it still lacks a clear definition, a well-understood set of properties, and most importantly a reasonable set of metrics for evaluation.  From a cyber security perspective, the concept is even more important and a lot more complex, as it must encompass more than just the availability aspects of the system. 

In this short course we will introduce some the previous research in systems resilience and review some of the proposed definitions and applications of the concept. 

We explore some of the different ways computer scientists and engineers have attempted to create more resilient systems, and provide a short reading list for practitioners.  A brief survey of the different techniques described in the literature is provided, and a discussion is given of these approaches’ strengths and weaknesses.  Particular attention is paid to biologically-inspired resilience, which is explored in further detail. 

The course concludes with a discussion of resilience metrics and provides guidelines for comparing and analyzing the resilience of critical systems and applications.  These metrics are then applied to resilience in a real world case: malicious code.

Prerequisites: None.

Outline

  1. Definitions and performance metrics (1 hour)

Definitions of Resilience in different domains and applications. Previous effort on estimating and measuring resilience. The concept of Resilience applied to Integrity, Confidentiality and Availability. Dynamic defense for Systems Resilience.

  1. Resilience techniques in the literature (1 hour)

Literature overview of resilience techniques. Technique properties and applications. Strengths and weaknesses of different approaches. Resilience in biological systems. Ecological systems. Scale. Response diversity. Functional redundancy. Neuroscience. Cognitive processing. Counterparts in the cyber domain.

  1. Resilience Metrics in cyber security (1 hour)

A review of metrics for cyber security. What is in a number?  Discussing metrics for Resilience. Guidelines for developing and evaluating measurements of resilient systems. Applying the previous material to a real world problem.

About the Instructors:

Dr. Marco M. Carvalho is an Associate Professor at the Florida Institute of Technology, and a Research Scholar/Scientist at the Institute for Human and Machine Cognition. He graduated in Mechanical Engineering at the University of Brasilia (UnB), where he also completed his M.Sc. in Mechanical Engineering with specialization in dynamic systems and control. Dr. Carvalho also holds a M.Sc. in Computer Science from the University of West Florida and a Ph.D. in Computer Science from Tulane University, with specialization in Machine Learning and Data Mining. Dr. Carvalho currently leads several research efforts in the areas of cyber security, moving target defense, critical infrastructure protection, and tactical communication systems, primarily sponsored by the Department of Defense, the U.S. Army Research Laboratory, the U.S. Air Force Research Laboratory, ONR, the National Science Foundation, DoE and Industry. Dr. Carvalho's research interests include resilient distributed systems, multi-agent systems and emergent approaches to systems optimization and security.

Dr. Richard Ford graduated from the University of Oxford in 1992 with a D.Phil. in Quantum Physics. Since that time, he has worked extensively in the area of computer security and malicious mobile code prevention. Previous projects include work on the Computer Virus Immune System at IBM Research, and development of the world's largest web hosting system whilst Director of Engineering for Verio. He is currently the Harris Professor of Assured Information at Florida Institute of Technology, and director of the University's Harris Institute for Assured Information. Ford is a member of CARO and President of the Anti-Malware Testing Standards Organization, an industry advisory body made up of many of the leading anti-malware companies and test developers.

Dr. Liam M. Mayron is an Assistant Professor in the Harris Institute for Assured Information and the Department of Computer Sciences at the Florida Institute of Technology. Prior to joining Florida Tech, he was at Harris Corp., where he undertook a variety of research projects with a focus on information and knowledge management. He received his Ph.D. and B.S. degrees in computer engineering from Florida Atlantic University and his M.S. degree in the same field from the University of Florida. Previously, he founded a company that offered Web-based news content aggregation, query, and dissemination products. His research interests include cyber security, content-based image retrieval, biologically-inspired computing, and multimedia systems.

 

Powered by OpenConf®
Copyright ©2002-2012 Zakon Group LLC