Visible to the public Autonomic Security

SoS Newsletter- Advanced Book Block

Autonomic Security

Autonomic computing refers to the self-management of complex distributed computing resources, that can adapt to unpredictable changes with transparency to operators and users. Security is one of the four key elements of autonomic computing and includes proactive identification and protection from arbitrary attacks. The articles cited here describe research into the security problems associated with a variety of autonomic systems and were published in the first half of 2014. Topics include autonomic security regarding vulnerability assessments, intelligent sensors, encryption, services, and the Internet of Things.

  • Barrere, M.; Badonnel, R.; Festor, O., "Vulnerability Assessment in Autonomic Networks and Services: A Survey," Communications Surveys & Tutorials, IEEE , vol.16, no.2, pp.988,1004, Second Quarter 2014. Autonomic networks and services are exposed to a large variety of security risks. The vulnerability management process plays a crucial role for ensuring their safe configurations and preventing security attacks. We focus in this survey on the assessment of vulnerabilities in autonomic environments. In particular, we analyze current methods and techniques contributing to the discovery, the description and the detection of these vulnerabilities. We also point out important challenges that should be faced in order to fully integrate this process into the autonomic management plane.
    Keywords: computer network security; fault tolerant computing; autonomic management plane; autonomic networks; autonomic services; security attacks; security risks; vulnerability assessment; vulnerability management process; Autonomic systems; Business; Complexity theory; Computers; Monitoring; Security; Vulnerability assessment; autonomic computing; computer security; vulnerability management (ID#:14-2046)
  • Vollmer, T.; Manic, M.; Linda, O., "Autonomic Intelligent Cyber-Sensor to Support Industrial Control Network Awareness," Industrial Informatics, IEEE Transactions on , vol.10, no.2, pp.1647,1658, May 2014. The proliferation of digital devices in a networked industrial ecosystem, along with an exponential growth in complexity and scope, has resulted in elevated security concerns and management complexity issues. This paper describes a novel architecture utilizing concepts of autonomic computing and a simple object access protocol (SOAP)-based interface to metadata access points (IF-MAP) external communication layer to create a network security sensor. This approach simplifies integration of legacy software and supports a secure, scalable, and self-managed framework. The contribution of this paper is twofold: 1) A flexible two-level communication layer based on autonomic computing and service oriented architecture is detailed and 2) three complementary modules that dynamically reconfigure in response to a changing environment are presented. One module utilizes clustering and fuzzy logic to monitor traffic for abnormal behavior. Another module passively monitors network traffic and deploys deceptive virtual network hosts. These components of the sensor system were implemented in C++ and PERL and utilize a common internal D-Bus communication mechanism. A proof of concept prototype was deployed on a mixed-use test network showing the possible real-world applicability. In testing, 45 of the 46 network attached devices were recognized and 10 of the 12 emulated devices were created with specific operating system and port configurations. In addition, the anomaly detection algorithm achieved a 99.9% recognition rate. All output from the modules were correctly distributed using the common communication structure.
    Keywords: access protocols; computer network security ;fault tolerant computing; field buses; fuzzy logic; industrial control; intelligent sensors; meta data; network interfaces; pattern clustering; C++;IF-MAP; PERL; SOAP-based interface; anomaly detection algorithm; autonomic computing; autonomic intelligent cyber-sensor; digital device proliferation; flexible two-level communication layer; fuzzy logic; industrial control network awareness; internal D-Bus communication mechanism; legacy software; metadata access point external communication layer; mixed-use test network; network security sensor; networked industrial ecosystem; proof of concept prototype; self-managed framework; service oriented architecture; simple object access protocol-based interface; traffic monitor; virtual network hosts; Autonomic computing; control systems; industrial ecosystems; network security; service-oriented architecture (ID#:14-2047)
  • Azab, M., "Multidimensional Diversity Employment for Software Behavior Encryption," New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on, vol., no., pp.1,5, March 30 2014-April 2, 2014. Modern cyber systems and their integration with the infrastructure has a clear effect on the productivity and quality of life immensely. Their involvement in our daily life elevate the need for means to insure their resilience against attacks and failure. One major threat is the software monoculture. Latest research work demonstrated the danger of software monoculture and presented diversity to reduce the attack surface. In this paper, we propose ChameleonSoft, a multidimensional software diversity employment to, in effect, induce spatiotemporal software behavior encryption and a moving target defense. ChameleonSoft introduces a loosely coupled, online programmable software-execution foundation separating logic, state and physical resources. The elastic construction of the foundation enabled ChameleonSoft to define running software as a set of behaviorally-mutated functionally-equivalent code variants. ChameleonSoft intelligently Shuffle, at runtime, these variants while changing their physical location inducing untraceable confusion and diffusion enough to encrypt the execution behavior of the running software. ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. In order to test the applicability of the proposed approach, we present a prototype of the ChameleonSoft Behavior Encryption (CBE) and recovery mechanisms. Further, using analysis and simulation, we study the performance and security aspects of the proposed system. This study aims to assess the provisioned level of security by measuring the avalanche effect percentage and the induced confusion and diffusion levels to evaluate the strength of the CBE mechanism. Further, we compute the computational cost of security provisioning and enhancing system resilience.
    Keywords: computational complexity; cryptography; multidimensional systems; software fault tolerance ;system recovery; CBE mechanism; ChameleonSoft Behavior Encryption; ChameleonSoft recovery mechanisms ;autonomic failure recovery mechanism; avalanche effect percentage; behaviorally-mutated functionally-equivalent code variants; computational cost; confusion levels; diffusion levels; moving target defense; multidimensional software diversity employment; online programmable software-execution foundation separating logic; security level; security provisioning; software monoculture; spatiotemporal software behavior encryption; system resilience; Employment; Encryption; Resilience; Runtime; Software; Spatiotemporal phenomena (ID#:14-2048)
  • Schaefer, J., "A Semantic Self-Management Approach For Service Platforms," Network Operations and Management Symposium (NOMS), 2014 IEEE, vol., no., pp.1,4, 5-9 May 2014. Future personal living environments feature an increasing number of convenience-, health- and security-related applications provided by distributed services, which do not only support users but require tasks such as installation, configuration and continuous administration. These tasks are becoming tiresome, complex and error-prone. One way to escape this situation is to enable service platforms to configure and manage themselves. The approach presented here extends services with semantic descriptions to enable platform-independent autonomous service level management using model driven architecture and autonomic computing concepts. It has been implemented as a OSGi-based semantic autonomic manager, whose concept, prototypical implementation and evaluation are presented.
    Keywords: distributed processing; fault tolerant computing ;service-oriented architecture; OSGi-based semantic autonomic manager; autonomic computing concepts; configuration task; continuous administration task; convenience-related applications; distributed services; health-related applications; installation task; model driven architecture; platform-independent autonomous service level management; security-related applications; semantic descriptions; semantic self-management approach; service platforms; Computational modeling; Grounding; Knowledge based systems; Monitoring; Ontologies; Quality of service; Semantics; Autonomic Computing; Model Driven Architecture; Ontologies; Semantic Services; Service Level Management (ID#:14-2049)
  • Leong, P.; Liming Lu, "Multiagent Web for the Internet of Things," Information Science and Applications (ICISA), 2014 International Conference on, vol., no., pp.1,4, 6-9 May 2014. The Internet of Things (IOT) is a network of networks where massively large numbers of objects or things are interconnected to each other through the network. The Internet of Things brings along many new possibilities of applications to improve human comfort and quality of life. Complex systems such as the Internet of Things are difficult to manage because of the emergent behaviours that arise from the complex interactions between its constituent parts. Our key contribution in the paper is a proposed multiagent web for the Internet of Things. Corresponding data management architecture is also proposed. The multiagent architecture provides autonomic characteristics for IOT making the IOT manageable. In addition, the multiagent web allows for flexible processing on heterogeneous platforms as we leverage off web protocols such as HTTP and language independent data formats such as JSON for communications between agents. The architecture we proposed enables a scalable architecture and infrastructure for a web-scale multiagent Internet of Things.
    Keywords: Internet; Internet of Things ;electronic data interchange; multi-agent systems; transport protocols; HTTP; JSON; Web protocols; Web-scale multiagent Internet of Things; data management architecture ;heterogeneous platforms; language independent data formats; multiagent Web; multiagent architecture; network of networks; Cloud computing; Computer architecture ;Databases; Internet of Things; Protocols; Security; Sensors (ID#:14-2050)
  • Gelenbe, E., "A Software Defined Self-Aware Network: The Cognitive Packet Network," Network Cloud Computing and Applications (NCCA), 2014 IEEE 3rd Symposium on , vol., no., pp.9,14, 5-7 Feb. 2014. This article is a summary description of the Cognitive Packet Network (CPN) which is an example both of a completely software defined network (SDN) and of a self-aware computer network (SAN) which has been completely implemented and used in numerous experiments. CPN is able to observe its own internal performance as well as the interfaces of the external systems that it interacts with, in order to modify its behaviour so as to adaptively achieve objectives, such as discovering services for its users, improving their Quality of Service (QoS), reduce its own energy consumption, compensate for components which fail or malfunction, detect and react to intrusions, and defend itself against attacks.
    Keywords: cognitive radio; quality of service; software radio; telecommunication computing; telecommunication security; CPN; QoS; SAN; SDN; cognitive packet network; quality of service; self-aware computer network; software defined self-aware network; Delays; Energy consumption; Quality of service; Security; Software; Storage area networks; QoS; autonomic communications; energy savings; measurement based goal driven behaviour; network security; self-aware networks; software defined networks (ID#:14-2051)
  • Kuklinski, S., "Programmable Management Framework For Evolved SDN," Network Operations and Management Symposium (NOMS), 2014 IEEE, vol., no., pp.1,8, 5-9 May 2014. In the paper a programmable management framework for SDN networks is presented. The concept is in-line with SDN philosophy - it can be programmed from scratch. The implemented management functions can be case dependent. The concept introduces a new node in the SDN architecture, namely the SDN manager. In compliance with the latest trends in network management the approach allows for embedded management of all network nodes and gradual implementation of management functions providing their code lifecycle management as well as the ability to on-the-fly code update. The described concept is a bottom-up approach, which key element is distributed execution environment (PDEE) that is based on well-established technologies like OSGI and FIPA. The described management idea has strong impact on the evolution of the SDN architecture, because the proposed distributed execution environment is a generic one, therefore it can be used not only for the management, but also for distributing of control or application functions.
    Keywords: codes; software radio; telecommunication network management; FIPA; OSGI; PDEE; SDN architecture; SDN manager; SDN networks; SDN philosophy; bottom-up approach; code lifecycle management; distributed execution environment; evolved SDN; management functions; network management; on-the-fly code update; programmable management framework; software-defined networking; Computer architecture; Control systems; Hardware; IP networks; Protocols; Security; Software; FIPA; OSGi; SDN; autonomic network management; network management (ID#:14-2052)
  • Ravindran, K.; Rabby, M.; Adiththan, A, "Model-based Control Of Device Replication For Trusted Data Collection," Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES), 2014 Workshop on , vol., no., pp.1,6, 14-14 April 2014. Voting among replicated data collection devices is a means to achieve dependable data delivery to the end-user in a hostile environment. Failures may occur during the data collection process: such as data corruptions by malicious devices and security/bandwidth attacks on data paths. For a voting system, how often a correct data is delivered to the user in a timely manner and with low overhead depicts the QoS. Prior works have focused on algorithm correctness issues and performance engineering of the voting protocol mechanisms. In this paper, we study the methods for autonomic management of device replication in the voting system to deal with situations where the available network bandwidth fluctuates, the fault parameters change unpredictably, and the devices have battery energy constraints. We treat the voting system as a `black-box' with programmable I/O behaviors. A management module exercises a macroscopic control of the voting box with situational inputs: such as application priorities, network resources, battery energy, and external threat levels.
    Keywords: quality of service ;security of data; trusted computing ;QoS; algorithm correctness; bandwidth attack; black-box; data corruptions; device replication autonomic management; malicious devices; security attack ;trusted data collection; voting protocol mechanisms; Bandwidth; Batteries; Data collection; Delays; Frequency modulation; Protocols; Quality of service; Adaptive Fault-tolerance; Attacker Modeling; Hierarchical Control; Sensor Replication; Situational Assessment (ID#:14-2053)
  • Hamze, M.; Mbarek, N.; Togni, O., "Self-establishing a Service Level Agreement Within Autonomic Cloud Networking Environment," Network Operations and Management Symposium (NOMS), 2014 IEEE , vol., no., pp.1,4, 5-9 May 2014. Today, cloud networking which is the ability to connect the user with his cloud services and to interconnect these services within an inter-cloud approach, is one of the recent research areas in the cloud computing research communities. The main drawback of cloud networking consists in the lack of Quality of Service (QoS) guarantee and management in conformance with a corresponding Service Level Agreement (SLA). Several research works have been proposed for the SLA establishing in cloud computing, but not in cloud networking. In this paper, we propose an architecture for self-establishing an end-to-end service level agreement between a Cloud Service User (CSU) and a Cloud Service Provider (CSP) in a cloud networking environment. We focus on QoS parameters for NaaS and IaaS services. The architecture ensures a self-establishing of the proposed SLA using autonomic cloud managers.
    Keywords: cloud computing; contracts; quality of service; CSP; IaaS services; NaaS services; QoS; Quality of Service; SLA; autonomic cloud managers; autonomic cloud networking environment; cloud computing research communities; cloud service provider; cloud service user; service level agreement; Availability; Bandwidth; Cloud computing; Computer architecture; Quality of service; Security (ID#:14-2054)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.