
Practical and Theoretical Issues on Adaptive Security

Practical and Theoretical Issues on Adaptive Security. Alexander Shnitko Novosibirsk State Technical University. Structure of the presentation. Introduction Motivation for adaptive security Common problem definition Formalization General adaptive model Mathematical description


Presentation Transcript


  1. Practical and Theoretical Issues on Adaptive Security Alexander Shnitko Novosibirsk State Technical University

  2. Structure of the presentation • Introduction • Motivation for adaptive security • Common problem definition • Formalization • General adaptive model • Mathematical description • Methods of solution • Contribution to practical tasks • Adaptation for different types of security tasks • Illustrative samples of the adaptation • Implementation issues • Verification issues • Related works • Conclusions

  3. Complex security systems Theoretical issues • Adaptive security problem definition • Security process couldn’t be predetermined • Complete formalization couldn’t be provided • Environment is complex and heterogeneous • Important practical security factors • Secondary place in overall information infrastructure • Explicitly cross-disciplinary subject • Non uniform foundations for security tools and methods • Related trends in information security • International standardization (ISO: 17799, 15408, Industry: ISS, Capgemini) • Unifying local solutions to develop universal solutions • Fuzzy problem definitions Practical issues

  4. Adaptive information security Contribute to different types of security tasks • Object of adaptation • General and special information security functions • Hardware and software information security tools • Overall information security system • Goals of adaptation • Security object and environment identification • Security process performance optimization • General improving of information security • Types of adaptation • Parameters adaptation • Structure adaptation • Goal adaptation Several tasks for adaptive security Simple and complex methods of the adaptation

  5. Levels of security adaptation Communication protocols, special software and hardware Servers, Workstation, special software and hardware tools Local software and hardware Cryptography, security models, etc.

  6. General Adaptive Security Model [Figure: block diagram. Labels: Environment; Complex Security System; Analyzer Device; Detector Device; Responder Device; Control Device; Control Object F; X (influence of the environment); Y (influence on the environment); U]

  7. Common formalization A task of adaptation is considered as a problem of optimal control of a specified object F. The state S of the object and its influence Y on the environment depend on the influences X of the environment and the set of adaptable factors U. The goals Z of the adaptive control are defined by specific constraints on the state of the object. • Security goals expressed as formal constraints on the state of the system • Control Theory notions are used to describe dynamic security processes

  8. Mathematical formalization Constraints expressed as: Where Mx is a function averaging over the states of the environment, and h/, g/, q/ are actually measured system parameters

  9. Adaptive algorithms – adaptable parameters vector and vectors of the values of the criterion function measured from till moments of time – recurrent algorithm of the adaptation Process of adaptation in the adaptable factors space Process of adaptation in the system states space

  10. Adaptation on different levels • Formal methods • Model treated in notion of building blocks of formal algorithms • Integration of special adaptive algorithms in traditional tasks • Standalone workstation • Adaptation in TCB • Fuzzy definition and special adaptive algorithms • Local network • Adaptation in servers, workstations and security perimeter • Evolutionary adaptation in agent-based models (cyber-warfare) • Distributed network • Adaptation in information channels • Redundancy and adaptive optimization

  11. Illustrative samples • Adaptive self-scanning • Level of adaptation: Workstation or Local Network level • Goals: Improve general availability, decrease risk of DDoS attack • Solutions: Optimized searchless adaptive algorithms • Security policy adaptation • Level of adaptation: Workstation or Local Network • Goals: Improve overall security, decrease risk of attack propagation • Solutions: Special stochastic adaptive algorithms

  12. Implementation issues • Obstacles for the implementation • Complexity of correct definition of goals and restrictions • Necessity of continuous system and environment identification • Speed requirements for the adaptive algorithms • Some methods of solution • Redundancy and optimization • Expert and analytical data usage • Special algorithms from the Control Theory

  13. Verification issues • Correct integration of adaptive security • Building secure system from insecure components • Multi-level security • Testing of practical adaptive systems • Specification testing • Stressful testing • Statistical contributions

  14. Related work • Adaptation in special information security tasks • Carney M., Loe B., A Comparison of Methods for Implementing Adaptive Security Policies • Reiher P., Eustice K., Sung K.-M., Adapting Encrypted Data Streams in Open Architectures • Lee W., Cabrera J., Thomas A., Balwalli N., Saluja S., Zhang Y., Performance Adaptation in Real-Time Intrusion Detection Systems • Adaptation in broader context • Badrinath B., Fox A., Kleinrock L., Popek G., Reiher P., Satyanarayanan M., A Conceptual Framework for Network and Client Adaptation • Marcus L., Local and Global Requirements in an Adaptive Security Infrastructure

  15. Conclusions • Adaptation in Security Context • Advantages • Contribution to the real-world information security with fuzzy definition and uncertain conditions • Access to the methods and tools from the Control Theory for the needs of the adaptation • Disadvantages • Effectiveness is very dependent on the correct definition of security goals • The additional resources required for the adaptation processes • Further work • Development and analysis of adaptive algorithms for specific security problems • Research of the usage of statistical methods for optimization and verification of the adaptive systems

  16. Thank you!
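
The parameter adaptation of slides 7 to 9, as an added example that is not part of the presentation: an alert threshold U is adjusted recurrently so that the false-alarm rate, averaged over the environment's benign events X, meets a goal Z. The slides' own formulas did not survive in this transcript, so the update rule here is a standard stochastic-approximation (Robbins-Monro) step chosen for illustration; the score model, `ALPHA`, the gain and all function names are assumptions.

```python
import random

ALPHA = 0.05  # goal Z: tolerated false-alarm rate (constructed value)


def benign_score(rng):
    """Environment influence X: anomaly score of one benign event.

    Constructed two-population mix; the controller never sees this model,
    it only observes individual scores.
    """
    if rng.random() < 0.8:
        return rng.uniform(0.0, 0.6)   # routine activity
    return rng.uniform(0.4, 1.0)       # noisy but legitimate hosts


def adapt_threshold(rng, steps=50_000, u0=0.5, gain=3.0):
    """Recurrent adaptation of the alert threshold U (the adaptable factor).

    Constraint: the average over X of g(X, U) = 1[X > U] - ALPHA equals 0.
    Only one noisy measurement of g is available per step.
    """
    u = u0
    for n in range(1, steps + 1):
        g = (1.0 if benign_score(rng) > u else 0.0) - ALPHA
        u += (gain / n) * g            # too many alerts -> raise U, too few -> lower it
        u = min(1.0, max(0.0, u))      # keep U inside its admissible range
    return u


def false_alarm_rate(rng, u, samples=20_000):
    """Measure the constraint on fresh benign events with U held fixed."""
    return sum(benign_score(rng) > u for _ in range(samples)) / samples


def run(seed=7):
    rng = random.Random(seed)
    u = adapt_threshold(rng)
    return u, false_alarm_rate(rng, u)


if __name__ == "__main__":
    u, rate = run()
    print(f"adapted threshold U = {u:.3f}, measured false-alarm rate = {rate:.3f}")
```

For this constructed score mix the threshold that satisfies the constraint exactly is 0.85, which the recurrence reaches without ever being given the distribution.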
