Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al...
-
Upload
robin-iversen -
Category
Documents
-
view
214 -
download
0
Transcript of Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al...
![Page 1: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/1.jpg)
Resilient Dynamic Data Driven Application Systems (rDDDAS)
Glynis Dsouza, Salim Hariri, Youssif Al Nashif
University of Arizona
Gabriel Rodriguez, University of A. Coruna
This project is partially supported by
AFOSR DDDAS Award Number FA95550-12-1-0241
Project Title: DDDAS-based Resilient Cyberspace (DRCS)
Dr. Frederica Darema, AFSOR
![Page 2: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/2.jpg)
Presentation OutlineMotivations and BackgroundResilient Cloud Application Services-
Architecture-Architectural Components-Self Management-Software Behavior Encryption Approach
Experimental Results-Testbed Configuration-Applications Tested
Conclusions and Future Work
![Page 3: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/3.jpg)
Cybersecurity Challenges
• Current cybersecurity technologies failed to secure and protect our cyberspace resources and services
• They are mainly signature based, manual intensive and ad-hoc; • According to Phishing Activity Trends Report, data-stealing increased from 36% in
2010 to more than 45% in April 2011.
• Cyber attacks can get costly if not resolved quickly. The average time to resolve a cyber attack is 18 days, with an average cost to participating organizations of $415,748. Results show that malicious insider attacks can take more than 45 days on average to contain.
• Information theft continues to represent the highest external cost, followed by the costs associated with business disruption
Cyber crimes are intrusive and common occurrences. – Caused by malicious code, denial of service, stolen or hijacked devices and
malicious insiders
![Page 4: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/4.jpg)
Challenging research problem due to many interdependent tasks
Reasons for challenge– Software Monoculture– Dynamic Environment– Social Networking
Organizations give control to cloud provider
Cloud Security Challenges
![Page 5: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/5.jpg)
Current software systems are static
Easy for attacker to study behavior of system and generate attacks
Vulnerabilities in one software can propagate to a great extent
Software Monoculture
![Page 6: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/6.jpg)
We cannot build systems that will not be attacked
Attack efforts will always be present
Cyber resilient techniques are most promising
There is a need to change the game to advantage the defender over the attacker
Need for resilience
![Page 7: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/7.jpg)
Vision
– Create, evaluate and deploy mechanisms and strategies that are diverse, continually shift, and change over time to increase complexity and costs for attackers, limit the exposure of vulnerabilities and opportunities for attack, and increase system resiliency (Source:”CyberSecurity Game-
Change Research and Development Recommendations”)
Moving Target Defense (MTD)
7
![Page 8: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/8.jpg)
MTD Attack Lifetime
Small time window for attacker
![Page 9: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/9.jpg)
rDDDAS Approach
Diversity in the execution environment
Redundancy in the resources
Runtime hot shuffling of execution variants
![Page 10: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/10.jpg)
rDDDAS Architecture
Closed loop architecture
Continuous feedback
DDDAS Components
![Page 11: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/11.jpg)
Self- ManagementObserver
- Monitoring
- Analysis of current state
Controller - Management of
cyber operations
- Enforcement of resilient
operational policiesSelf-Management architecture
![Page 12: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/12.jpg)
Diversity– Hot Shuffling software variants at runtime– Variants are functionally equivalent, behaviorally
different
Redundancy– Multiple replicas on different physical hardware
Shuffling
Software Behavior Encryption
![Page 13: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/13.jpg)
Experimental Results
![Page 14: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/14.jpg)
Host Hardware
Virtualization Layer
Quad core Memory Storage
Virtual OS
Appl. Level Diversity
Sel
f-M
anag
emen
t
Ap
As
Runtime Monitoring
: :
V1
VM1- Windows
Self-Management Layer
Hooks
Virtual OS
Appl. Level DiversityS
elf-
Man
agem
ent
Ap
As
Runtime Monitoring
: :
V2
VM2- Linux
Self-Management Layer
Hooks
Virtual OS
Appl. Resiliency
Sel
f-M
anag
emen
t
A BRuntime
Monitoring
: :
Vs
VM - Supervisory
Self-Management Layer
Hooks
Testbed Configuration
![Page 15: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/15.jpg)
IBM BladeCenter HS22 based Private Cloud
University of Arizona’s Autonomic Computing Lab
Evaluated on a three node cluster
Each node has multiple versions
Version consists of combination of:– Operating System– Programming Language– E.g. <Linux, C++>, <Windows, Java>
Experimental Environment
![Page 16: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/16.jpg)
Large-Scale Data Processing
MapReduce provides– Automatic parallelization & distribution
MapReduce Wordcount program
Application 1 – MapReduce (MR)
![Page 17: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/17.jpg)
MapReduce- Setup
Host Hardware- IBM Bladecenter Private Cloud
Node 1 Node 2 Node 3 Node N
Linux Windows Windows Linux WindowsLinux
Java
V 1Java Java Java Java JavaC++ C++ C++ C++ C++ C++
V 2 V 3 V 4 V 5 V 6 V 7 V 8 V 9 V 10 V 11 V 12
V3
V1
V1
V7
V4
V5
V2
V6
V2
Phase 1
Phase 2
Phase 3
Self Management
Master 1 Master 2 Master 3
![Page 18: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/18.jpg)
SBE example- MapReduce
![Page 19: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/19.jpg)
MapReduce – Attack Scenarios
During validation, SM checks current environment and if
okay, DSSC starts the application execution cycle
Case 1: During validation, SM detects an error in V4 and
DSSC selects the first error free output from v5 or v12
Case 2: During validation, SM detects compromised results of V9 and DSSC selects the first error free result from V3
or V7
![Page 20: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/20.jpg)
Case 1: Resilience against Dos Attacks
Denial of Service attack on Windows VM-6
Response Time (in seconds)
Without DoS attack With DoS attack
Without MTD 95 615
With MTD 105 105
![Page 21: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/21.jpg)
Case 2:Resilience against Insider Attacks
Response Time (in seconds)
Without Insider attack With Insider attack
Without MTD 95 No response
With MTD 105 105
% increase in response time with MTD 11%
Compromise attack on Linux VM-1
![Page 22: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/22.jpg)
Need for Automated checkpointing
Need for transferring state between diverse environments
Checkpointing and Portability
![Page 23: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/23.jpg)
Compiler for Portable Checkpointing (CPPC)
23
Periodically saves computation state to stable storage
Automated checkpoint insertion in C, C++, Fortran codes
Ability to resume application execution by resuming state on different operating systems and programming languages
![Page 24: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/24.jpg)
Jacobii’s Iterative Linear Equation Solver
Central SBE machine randomly selects a supervisor for one phase
Supervisor randomly selects a phase timer.
All three nodes run the three phases independently in independent versions
At the end of each phase, checkpoints are passed to the supervisor
Supervisor selects the most recent and correct checkpoint and passes to the SBE machine
Application 2
![Page 25: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/25.jpg)
Application 2 - Setup
![Page 26: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/26.jpg)
Application 2 - Flowchart for each phase
Start Phase Timer
SBE Machine
![Page 27: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/27.jpg)
Application 2 - Flowchart for each phase
End Phase Timer
CheckpointCheckpoint
Checkpoint
End Phase Timer
SBE Machine
![Page 28: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/28.jpg)
Application 2 - Overhead Execution time with SBE in seconds
Execution Time in seconds without
SBE
2 phases 3 phases 4 phases Time OH Time OH Time OH
200 218 9% 248 24% 276 38%
800 838 5% 890 11% 988 24%
1500 1568 5% 1624 8% 1663 11%
3600 3671 2% 3847 7% 3890 8%
![Page 29: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/29.jpg)
DoS attack on V1
Insider attack on Supervisor 2
Compromise of two Virtual Machines
Application 2 – Attack Scenarios
Illustration of Attack scenario 1
![Page 30: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/30.jpg)
C programs from six categories
Each category targets a specific area of the embedded market
Programs used for testing
- Basicmath (Automotive and Industrial category)
- Dijkstra’s algorithm (Network category)
Setup is the same as Application 2
Diversity in the form of operating systems
Application 3 – MiBench
![Page 31: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/31.jpg)
Application 3 - Overhead
0 2000 4000 60000%
5%
10%
15%
20%
25%
30%
Overhead
Number of iterations
Ov
erh
ea
d
10000 20000 40000 800000%
5%
10%
15%
20%
25%
30%
2 phases
3 phases
4 phases
Number of iterations
Ove
rhea
d P
erce
nta
ge
Dijkstra’s algorithmBasicmath
![Page 32: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/32.jpg)
Application 3 – Attack Scenario
![Page 33: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/33.jpg)
Conclusions and Future Work
![Page 34: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/34.jpg)
Future Work
We have validated that our approach can make cloud applications resilient to attacks
Require finding the optimum number of:
- Versions
- Frequency of version change
- Number of replicas
Need to quantify Availability, Reliability, Resilience and Performance of the system
![Page 35: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/35.jpg)
Ongoing WorkStorage Dynamic Encryption
Division of files into parts
Each part is encrypted with a different key
Keys are hopped into time intervals
Need to find optimum number of file parts, key length and time window length
![Page 36: Resilient Dynamic Data Driven Application Systems (rDDDAS) Glynis Dsouza, Salim Hariri, Youssif Al Nashif University of Arizona Gabriel Rodriguez, University.](https://reader038.fdocuments.us/reader038/viewer/2022103121/56649c755503460f9492891c/html5/thumbnails/36.jpg)
Thank You