Mission critical systems are prevalent in the military and industry which renders them attractive as targets for security attacks. Their constantly increasing structural complexity contributes to benign faults and further facilitates malicious entities. Over the years, these malicious entities in cyber-space have grown smarter and extremely resourceful. Advanced persistent threats (APT) is a clear example of this growing sophistication. APTs are characterized by extreme stealth, advanced skill-set, vast resources and a markedly high success rate. Consequently, mission survivability has become an essential necessity for today's mission critical systems. Most existing survivability solutions are simple combinations of traditional security measures such as network monitoring, firewalls, etc. These solutions increase the cost of attacks but do not necessarily decrease the probability of a compromise substantially. This calls for further advancement of current mission survivability solutions.
The focus of this dissertation is the robust designing and efficient deployment of an effective mission survivability solution. Such a solution must be capable of withstanding APT, one of the hardest threats encountered in recent times. The solution presented for this purpose relies upon the understanding of attacker intent, objectives and strategies (AIOS). AIOS aids in the designing of better recovery and adaptation procedures for enhanced survivability.
This solution has centralized and distributed versions with hardware-support to hide and safeguard information from the adversaries. This provides it with the capability to deceive and quietly monitor the cyber space. Hardware-support is provided by either modifying the test-logic of the underlying processor or using the trusted platform module (TPM) that is integral to the processor. The solution also ensures the tamper-resistance of its critical security components which is achieved by employing the principle of coveillance and concepts from graph theory. Another important feature is its capability to effectively and efficiently detect zero-day attacks in a production environment. This is accomplished by carefully planned deployment and real-time customization of honeypots. Each design choice and the techniques employed are thoroughly tested and validated via simulation and experimentation. Strong security and tamper-resistant properties, along with its efficiency, could make it a good survivability strategy against APT for which no good solutions currently exist.
|Advisor:||Upadhyaya, Shambhu J.|
|Commitee:||Demirbas, Murat, Rao, H. Raghav|
|School:||State University of New York at Buffalo|
|Department:||Computer Science and Engineering|
|School Location:||United States -- New York|
|Source:||DAI-B 81/8(E), Dissertation Abstracts International|
|Keywords:||Advanced persistent attacks, Deception, Honeypots, Mission critical systems, Security, Survivability|
Copyright in each Dissertation and Thesis is retained by the author. All Rights Reserved
The supplemental file or files you are about to download were provided to ProQuest by the author as part of a
dissertation or thesis. The supplemental files are provided "AS IS" without warranty. ProQuest is not responsible for the
content, format or impact on the supplemental file(s) on our system. in some cases, the file type may be unknown or
may be a .exe file. We recommend caution as you open such files.
Copyright of the original materials contained in the supplemental file is retained by the author and your access to the
supplemental files is subject to the ProQuest Terms and Conditions of use.
Depending on the size of the file(s) you are downloading, the system may take some time to download them. Please be