Visible to the public Architecture-based Self-protection: Composing and Reasoning About Denial-of-service Mitigations

TitleArchitecture-based Self-protection: Composing and Reasoning About Denial-of-service Mitigations
Publication TypeConference Paper
Year of Publication2014
AuthorsSchmerl, Bradley, Cámara, Javier, Gennari, Jeffrey, Garlan, David, Casanova, Paulo, Moreno, Gabriel A., Glazier, Thomas J., Barnes, Jeffrey M.
Conference NameProceedings of the 2014 Symposium and Bootcamp on the Science of Security
Conference LocationRaleigh, NC, USA
ISBN Number978-1-4503-2907-1
KeywordsACM CCS, Architectures, CPS Technologies, cyber security, denial-of-service, Formal Methods and Theory of Security, Formal Security Models, Foundations, Hardware Security Implementation, Hardware-Based Security Protocols, Logic and Verification, Modeling, probabilistic model checking, science of security, Security in Hardware, self-adaptation, Validation and Verification

Security features are often hardwired into software applications, making it difficult to adapt security responses to reflect changes in runtime context and new attacks. In prior work, we proposed the idea of architecture-based self-protection as a way of separating adaptation logic from application logic and providing a global perspective for reasoning about security adaptations in the context of other business goals. In this paper, we present an approach, based on this idea, for combating denial-of-service (DoS) attacks. Our approach allows DoS-related tactics to be composed into more sophisticated mitigation strategies that encapsulate possible responses to a security problem. Then, utility-based reasoning can be used to consider different business contexts and qualities. We describe how this approach forms the underpinnings of a scientific approach to self-protection, allowing us to reason about how to make the best choice of mitigation at runtime. Moreover, we also show how formal analysis can be used to determine whether the mitigations cover the range of conditions the system is likely to encounter, and the effect of mitigations on other quality attributes of the system. We evaluate the approach using the Rainbow self-adaptive framework and show how Rainbow chooses DoS mitigation tactics that are sensitive to different business contexts.

Citation KeySchmerl:2014:ASC:2600176.2600181