Flux Research Group / School of Computing

A3: An Environment for Self-Adaptive Diagnosis and Immunization of Novel Attacks

No PDF availalbe

Partha Pal, Richard Schantz, Aaron Paulos, Brett Benyo, David Johnson, Mike Hibler, and Eric Eide

Proceedings of the 6th IEEE International Conference on Self-Adaptive and Self-Organizing Systems Workshops (SASOW) 2012.

DOI: 10.1109/SASOW.2012.13

Security, Virtualization


This paper describes an ongoing research effort aiming to use adaptation to defend individual applications against novel attacks.  Application focused adaptive security spans adaptive use of security mechanisms in both the host and the network.  The work presented in this paper is developing key infrastructure capabilities and supporting services including mandatory mediation of application I/O, record and replay of channel interaction, and VMI-based monitoring and analysis of execution that will facilitate replay-based diagnosis and patch derivation for attacks that succeed and go unnoticed until a known undesired condition manifests.  After describing the basics, we present the results from our initial evaluation and outline the next steps.