Resilient Architectures

group_project

Visible to the public Coordinated Machine Learning-Based Vulnerability & Security Patching for Resilient Virtual Computing Infrastructure

This research aims at aiding administrators of virtualized computing infrastructures in making services more resilient to security attacks through applying machine learning to reduce both security and functionality risks in software patching by continually monitoring patched and unpatched software to discover vulnerabilities and triggering proper security updates.

group_project

Visible to the public Resilient Monitoring and Control

CPS employ Networked Control Systems (NCS) to facilitate real-time monitoring and control. Security of the NCS infrastructure is a large problem due to (1) the wide deployment of commercial-off-the-shelf (COTS) computing devices, (2) the connectivity of NCS with the Internet, and (3) the existence of organized motivated attackers. Traditional IT security solutions are used in NCS, they cannot prevent all cyber attacks. Our goal is to complement IT security with resilient algorithms for monitoring and control in order to reduce NCS security risks.

group_project

Visible to the public Threat Modeling/Risk Analysis

With the increased use of cyber physical systems in current defense, medical, and energy applications, it is critical for the infrastructure to remain secure. As such, it is important to identify potential security flaws early in the design process in order to produce a consistent, secure and reliable system with minimal fabrication costs. This task can be accomplished using threat modeling. Threat modeling can be separated into two diverse fragments, asset centric and attack centric threat modeling.

group_project

Visible to the public A Hypothesis Testing Framework for Network Security

This project develops a scientific approach to testing hypotheses about network security when those tests must consider layers of complex interacting policies within the network stack. The work is motivated by observation that the infrastructure of large networks is hideously complex, and so is vulnerable to various attacks on services and data. Coping with these vulnerabilities consumes significant human management time, just trying to understand the network's behavior.

group_project

Visible to the public Data Driven Security Models and Analysis

In security more than in other computing disciplines, professionals depend heavily on rapid analysis of voluminous streams of data gathered by a combination of network-, file-, and system-level monitors. The data are used both to maintain a constant vigil against attacks and compromises on a target system and to improve the monitoring itself.