Title :
Meta-control for Adaptive Cybersecurity in FUZZBUSTER
Author :
Musliner, David J. ; Friedman, Scott E. ; Rye, Jeffrey M. ; Marble, Tom
Author_Institution :
Smart Inf. Flow Technol. (SIFT), Minneapolis, MN, USA
Abstract :
Modern cyber attackers use sophisticated, highly-automated vulnerability search and exploit development tools to find new ways to break into target computers. To protect against such threats, we are developing FUZZBUSTER, a host-based adaptive security system that automatically discovers faults in hosted applications and incrementally refines and repairs the underlying vulnerabilities. To perform this self-adaptation, FUZZBUSTER uses meta-control to coordinate a diverse and growing set of custom and off-the-shelf fuzz-testing tools. FUZZ Buster´s greedy meta-control strategy considers adaptation deadlines, the exploit potential of vulnerabilities, the usage schedule of vulnerable applications, and the expected performance of its various fuzz-testing and adaptation tools. In this paper, we demonstrate how FUZZ Buster´s meta-control reasons efficiently about these factors, managing task selection to maximize the system´s safety and effectiveness.
Keywords :
program testing; scheduling; security of data; FUZZBUSTER system; adaptation deadlines; adaptation tools; adaptive cybersecurity; fuzz-testing tools; greedy meta-control strategy; host-based adaptive security system; hosted applications; task selection management; usage schedule; vulnerabilities potential; vulnerability search; vulnerable applications; cybersecurity; fuzz-testing; meta-control; self-adaptive immunity;
Conference_Titel :
Self-Adaptive and Self-Organizing Systems (SASO), 2013 IEEE 7th International Conference on
Conference_Location :
Philadelphia, PA
DOI :
10.1109/SASO.2013.29
