Dissertation/Thesis Abstract

Schemes for Surviving Advanced Persistent Threats
by Mehresh, Ruchika, Ph.D., State University of New York at Buffalo, 2013, 159; 3598713
Abstract (Summary)

Mission critical systems are prevalent in the military and industry, which renders them attractive targets for security attacks. Their constantly increasing structural complexity contributes to benign faults and further facilitates malicious entities. Over the years, these malicious entities in cyberspace have grown smarter and extremely resourceful. Advanced persistent threats (APTs) are a clear example of this growing sophistication. APTs are characterized by extreme stealth, an advanced skill set, vast resources and a markedly high success rate. Consequently, mission survivability has become a necessity for today's mission critical systems. Most existing survivability solutions are simple combinations of traditional security measures such as network monitoring, firewalls, etc. These solutions increase the cost of attacks but do not necessarily decrease the probability of a compromise substantially. This calls for further advancement of current mission survivability solutions.

The focus of this dissertation is the robust design and efficient deployment of an effective mission survivability solution. Such a solution must be capable of withstanding APTs, one of the hardest threats encountered in recent times. The solution presented for this purpose relies upon the understanding of attacker intent, objectives and strategies (AIOS). AIOS aids in designing better recovery and adaptation procedures for enhanced survivability.

This solution has centralized and distributed versions with hardware support to hide and safeguard information from adversaries. This provides it with the capability to deceive and quietly monitor cyberspace. Hardware support is provided by either modifying the test logic of the underlying processor or using the trusted platform module (TPM) that is integral to the processor. The solution also ensures the tamper-resistance of its critical security components, which is achieved by employing the principle of coveillance and concepts from graph theory. Another important feature is its capability to effectively and efficiently detect zero-day attacks in a production environment. This is accomplished by carefully planned deployment and real-time customization of honeypots. Each design choice and the techniques employed are thoroughly tested and validated via simulation and experimentation. Strong security and tamper-resistant properties, along with its efficiency, could make it a good survivability strategy against APTs, for which no good solutions currently exist.

Indexing (document details)
Advisor: Upadhyaya, Shambhu J.
Committee: Demirbas, Murat; Rao, H. Raghav
School: State University of New York at Buffalo
Department: Computer Science and Engineering
School Location: United States -- New York
Source: DAI-B 81/8(E), Dissertation Abstracts International
Source Type: DISSERTATION
Subjects: Computer science
Keywords: Advanced persistent attacks, Deception, Honeypots, Mission critical systems, Security, Survivability
Publication Number: 3598713
ISBN: 9781658402309