Presentation is loading. Please wait.

Presentation is loading. Please wait.

Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.

Similar presentations

Presentation on theme: "Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University."— Presentation transcript:

1 Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University of A. Coruna This project is partially supported by AFOSR DDDAS Award Number FA95550-12-1-0241 Project Title: DDDAS-based Resilient Cyberspace (DRCS) Dr. Frederica Darema, AFSOR

2 Presentation Outline Motivations and Background Resilient Cloud Application Services- Architecture -Architectural Components -Self Management -Software Behavior Encryption Approach Experimental Results -Testbed Configuration -Applications Tested Conclusions and Future Work

3 Cybersecurity Challenges Current cybersecurity technologies failed to secure and protect our cyberspace resources and services They are mainly signature based, manual intensive and ad-hoc; According to Phishing Activity Trends Report, data-stealing increased from 36% in 2010 to more than 45% in April 2011. Cyber attacks can get costly if not resolved quickly. The average time to resolve a cyber attack is 18 days, with an average cost to participating organizations of $415,748. Results show that malicious insider attacks can take more than 45 days on average to contain. Information theft continues to represent the highest external cost, followed by the costs associated with business disruption Cyber crimes are intrusive and common occurrences. –Caused by malicious code, denial of service, stolen or hijacked devices and malicious insiders

4 Challenging research problem due to many interdependent tasks Reasons for challenge –Software Monoculture –Dynamic Environment –Social Networking Organizations give control to cloud provider Cloud Security Challenges

5 Current software systems are static Easy for attacker to study behavior of system and generate attacks Vulnerabilities in one software can propagate to a great extent Software Monoculture

6 We cannot build systems that will not be attacked Attack efforts will always be present Cyber resilient techniques are most promising There is a need to change the game to advantage the defender over the attacker Need for resilience

7 Vision –Create, evaluate and deploy mechanisms and strategies that are diverse, continually shift, and change over time to increase complexity and costs for attackers, limit the exposure of vulnerabilities and opportunities for attack, and increase system resiliency (Source:”CyberSecurity Game- Change Research and Development Recommendations”) Moving Target Defense (MTD) 7

8 MTD Attack Lifetime Small time window for attacker

9 rDDDAS Approach Diversity in the execution environment Redundancy in the resources Runtime hot shuffling of execution variants

10 rDDDAS Architecture Closed loop architecture Continuous feedback DDDAS Components

11 Self- Management Observer - Monitoring - Analysis of current state Controller - Management of cyber operations - Enforcement of resilient operational policies Self-Management architecture

12 Diversity –Hot Shuffling software variants at runtime –Variants are functionally equivalent, behaviorally different Redundancy –Multiple replicas on different physical hardware Shuffling Software Behavior Encryption

13 Experimental Results

14 Quad core MemoryStorage Self-Management ApAp AsAs Runtime Monitoring : : V1 Hooks Self-Management ApAp AsAs Runtime Monitoring : : V2 Hooks Self-Management AB Runtime Monitoring : : Vs Hooks Testbed Configuration

15 IBM BladeCenter HS22 based Private Cloud University of Arizona’s Autonomic Computing Lab Evaluated on a three node cluster Each node has multiple versions Version consists of combination of: –Operating System –Programming Language –E.g., Experimental Environment

16 Large-Scale Data Processing MapReduce provides –Automatic parallelization & distribution MapReduce Wordcount program Application 1 – MapReduce (MR)

17 MapReduce- Setup Host Hardware- IBM Bladecenter Private Cloud Node 1 Node 2 Node 3 Node N Linux Windows LinuxWindows Linux Java V 1 Java C++ V 2V 3 V 4V 5V 6V 7 V 8V 9V 10 V 11 V 12 V3 V1 V7 V4 V5 V2 V6 V2 Phase 1 Phase 2 Phase 3 Self Management Master 1 Master 2 Master 3

18 SBE example- MapReduce

19 MapReduce – Attack Scenarios During validation, SM checks current environment and if okay, DSSC starts the application execution cycle Case 1: During validation, SM detects an error in V4 and DSSC selects the first error free output from v5 or v12 Case 2: During validation, SM detects compromised results of V9 and DSSC selects the first error free result from V3 or V7

20 Case 1: Resilience against Dos Attacks Denial of Service attack on Windows VM-6 Response Time (in seconds) Without DoS attackWith DoS attack Without MTD95615 With MTD105

21 Case 2:Resilience against Insider Attacks Response Time (in seconds) Without Insider attackWith Insider attack Without MTD95No response With MTD105 % increase in response time with MTD 11% Compromise attack on Linux VM-1

22 Need for Automated checkpointing Need for transferring state between diverse environments Checkpointing and Portability

23 Compiler for Portable Checkpointing (CPPC) 23 Periodically saves computation state to stable storage Automated checkpoint insertion in C, C++, Fortran codes Ability to resume application execution by resuming state on different operating systems and programming languages

24 Jacobii’s Iterative Linear Equation Solver Central SBE machine randomly selects a supervisor for one phase Supervisor randomly selects a phase timer. All three nodes run the three phases independently in independent versions At the end of each phase, checkpoints are passed to the supervisor Supervisor selects the most recent and correct checkpoint and passes to the SBE machine Application 2

25 Application 2 - Setup

26 Application 2 - Flowchart for each phase Start Phase Timer SBE Machine

27 Application 2 - Flowchart for each phase End Phase Timer Checkpoint End Phase Timer SBE Machine

28 Application 2 - Overhead Execution time with SBE in seconds Executio n Time in seconds without SBE 2 phases3 phases4 phases TimeOHTimeOHTimeOH 2002189%24824%27638% 8008385%89011%98824% 150015685%16248% 1663 11% 3600 3671 2% 38477% 3890 8%

29 DoS attack on V1 Insider attack on Supervisor 2 Compromise of two Virtual Machines Application 2 – Attack Scenarios Illustration of Attack scenario 1

30 C programs from six categories Each category targets a specific area of the embedded market Programs used for testing - Basicmath (Automotive and Industrial category) - Dijkstra’s algorithm (Network category) Setup is the same as Application 2 Diversity in the form of operating systems Application 3 – MiBench

31 Application 3 - Overhead Dijkstra’s algorithm Basicmath

32 Application 3 – Attack Scenario

33 Conclusions and Future Work

34 Future Work We have validated that our approach can make cloud applications resilient to attacks Require finding the optimum number of: - Versions - Frequency of version change - Number of replicas Need to quantify Availability, Reliability, Resilience and Performance of the system

35 Ongoing Work Storage Dynamic Encryption Division of files into parts Each part is encrypted with a different key Keys are hopped into time intervals Need to find optimum number of file parts, key length and time window length

36 Thank You

Download ppt "Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University."

Similar presentations

Ads by Google