TC: Medium: Collaborative Research: Towards Self-Protecting Data Centers: A Systematic Approach

TC：媒介：协作研究：迈向自我保护数据中心：系统方法

• 批准号: 0905153
• 负责人: Meng Yu
• 金额: $ 27.5万
• 依托单位: Western Illinois University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-01 至 2011-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0905153&HistoricalAwards=false
• 关键词: TC; Medium; Collaborative; Research; Towards

TC: MEDIUM: COLLABORATIVE RESEARCH: TOWARDS SELF-PROTECTING DATA CENTERS: A SYSTEMATIC APPROACHTC-0905189 Sushil Jajodia, George Mason UniversityTC-0905131 Peng Liu, Pennsylvania State UniversityTC-0905153 Meng Yu, Western Illinois UniversityAbstractThis award is funded under the American Recovery and Reinvestment Act of 2009 (Public Law 111-5). Data centers using virtual machine (VM) consolidation are taking over old computer rooms run by individual companies. However, consolidating services and resources does not consolidate security automatically. To meet the top two requirements for modern data centers, namely business continuity and information security, this research will take a systematic approach that leverages the emerging VM technologies to consolidate four areas of systems security research: redundancy, microscopic intrusion analysis and detection, automatic response, and diversity-driven protection. We will make innovative contributions on various aspects of security consolidation, including (1) An architecture and underlying techniques based on diversified replication towards defensive protection against unknown attacks; (2) Novel cross-layer and cross-VM methods for causal relation logging, event correlation, damage assessment, and forensics; (3) New intrusion detection techniques based on unique cross-VM-replica inconsistency checking techniques, and new cross-layer inconsistency checking methods; (4) A novel pipelining approach towards automated intrusion response; and (5) New techniques for on-the-fly data center intrusion confinement and recovery.Our research will result in significant advances in helping mission/life/business critical applications and information systems reduce risk, increase business continuity, and deliver data assurance in the presence of severe cyber attacks. Broader impact will also result from the education, outreach, and dissemination initiatives. Educational resources from this project, including course modules and teaching laboratory designs, will be disseminated through a dedicated Website.Key Words: self-protection; recovery; virtual machine monitor; causal relations; availability

TC：中：协作研究：迈向自我保护数据中心：系统性方法TC-0905189 Sushil Jajodia，乔治梅森大学TC-0905131 Peng Liu，宾夕法尼亚州立大学TC-0905153 Menyu，西伊利诺伊大学摘要该奖项由《2009 年美国复苏和再投资法案》资助（公法 111-5）。使用虚拟机 (VM) 整合的数据中心正在接管由各个公司运营的旧机房。然而，整合服务和资源并不会自动强化安全性。为了满足现代数据中心的两大需求，即业务连续性和信息安全，本研究将采用系统方法，利用新兴的虚拟机技术来巩固系统安全研究的四个领域：冗余、微观入侵分析和检测、自动响应和多样性驱动的保护。我们将在安全整合的各个方面做出创新贡献，包括（1）基于多样化复制的架构和底层技术，以防御未知攻击； (2) 用于因果关系记录、事件关联、损害评估和取证的跨层和跨虚拟机的新方法； (3)基于独特的跨虚拟机-副本不一致检查技术的新的入侵检测技术，以及新的跨层不一致检查方法； (4) 一种新颖的自动化入侵响应流水线方法； (5) 动态数据中心入侵限制和恢复的新技术。我们的研究将在帮助任务/生命/业务关键应用程序和信息系统降低风险、提高业务连续性以及在严重网络攻击时提供数据保证方面取得重大进展。教育、外展和传播举措也将产生更广泛的影响。该项目的教育资源，包括课程模块和教学实验室设计，将通过专门的网站传播。恢复;虚拟机监视器；因果关系；可用性