Runtime Monitoring: From Theory to Usable Security

运行时监控:从理论到可用的安全性

基本信息

  • 批准号:
    RGPIN-2015-04142
  • 负责人:
  • 金额:
    $ 1.31万
  • 依托单位:
  • 依托单位国家:
    加拿大
  • 项目类别:
    Discovery Grants Program - Individual
  • 财政年份:
    2019
  • 资助国家:
    加拿大
  • 起止时间:
    2019-01-01 至 2020-12-31
  • 项目状态:
    已结题

项目摘要

According to the 2013 Norton Report, cyber-crime has cost Canadian upwards of 3 Bilion US$ in 2013 alone. Globally, the costs are estimated to reach 113 Billion US$. As a consequence, both government and industry have taken a keen interest in developing tools to protect sensitive systems and data. Runtime monitoring is an approach to enforcing security policies that seeks to allow untrusted code to run safely by observing its execution and reacting as needed to prevent a violation of a user-supplied security policy. This method of ensuring the safety of code is rapidly gaining acceptance in practice and several implementations exist. This proliferation has prompted interest from the academic community, and many interesting and innovative ideas have been proposed in the scientific literature to make monitors an attractive and powerful security policy enforcement option. A few examples of such ideas include monitors with zero overhead in memory usage, monitor certification-a technique to provide a user-checkable proof of the monitor's correct enforcement, and the monitoring of information flow, a particular class of policies that relates to privacy.******However, practical implementations of monitors do not draw upon the vast body of scholarly research that relates to monitoring. Indeed, most remain limited to the enforcement of a narrow subset of security policies and rely upon only one of the multiple mechanisms at their disposal to avert a potential violation of the security policy, namely aborting the execution. Conversely, theoretical research in monitoring abstracts away many aspects of a real-life monitor that would make implementation more laborious. For example, research-paper monitors are often tested on short execution traces of a few hundred events and do not scale up to the many millions of events of real execution traces.******This research program seeks to bridge the divide between theoretical research and practical implementations of monitors. On the one hand, we will develop software that exploit the full potential of monitors highlighted in the scientific literature and issue them as ready-to-use security tools. We are particularly interested in developing a usable monitor certification framework, and diversity-based HIDS. On the other hand, our work will also push theoretical research forward through our study of the pitfalls encountered when implementing monitors and provide the scientific community with real tools and test data to use in monitor research.******The upshot of this research will be the development of monitors that are more powerful, in the sense that can enforce a larger set of security policies, more precise, meaning that they can detect violations with less risk of a false positive, and with a lower footprint of resource consumption. This research will also allow us to refine the theoretical models used to reason about the capacities of monitors.
根据2013年诺顿报告,仅在2013年,网络犯罪就给加拿大造成了3亿美元以上的损失。 在全球范围内,成本估计达到1130亿美元。 因此,政府和行业都对开发保护敏感系统和数据的工具非常感兴趣。 安全监视是一种强制执行安全策略的方法,它通过观察不受信任的代码的执行并根据需要做出反应来防止违反用户提供的安全策略,从而寻求允许不受信任的代码安全地运行。 这种确保代码安全性的方法在实践中迅速获得认可,并且存在几种实现。这种扩散引起了学术界的兴趣,在科学文献中提出了许多有趣和创新的想法,使监视器成为一种有吸引力和强大的安全策略执行选项。这些想法的一些例子包括内存使用零开销的监视器,监视器证书-一种为监视器的正确执行提供用户可检查证明的技术,以及信息流的监视,一种与隐私有关的特定类别的策略。然而,监视器的实际实现并不依赖于与监视相关的大量学术研究。 事实上,大多数仍然局限于执行安全策略的一个狭窄的子集,并且仅依赖于它们所掌握的多种机制中的一种来避免对安全策略的潜在违反,即中止执行。 相反,监控的理论研究抽象了现实生活中监控器的许多方面,这将使实现更加费力。例如,研究论文监视器通常在几百个事件的短执行跟踪上进行测试,而不会扩展到真实的执行跟踪的数百万个事件。该研究计划旨在弥合理论研究和监视器的实际实施之间的鸿沟。一方面,我们将开发软件,充分利用科学文献中强调的监视器的潜力,并将其作为随时可用的安全工具发布。我们特别感兴趣的是开发一个可用的监视器认证框架,和基于多样性的HIDS。另一方面,我们的工作也将通过我们对实施监测器时遇到的陷阱的研究推动理论研究,并为科学界提供用于监测器研究的真实的工具和测试数据。这项研究的结果将是开发更强大的监视器,从某种意义上说,可以执行更大的安全策略集,更精确,这意味着它们可以检测违规行为,误报风险更低,资源消耗更低。这项研究还将使我们能够完善用于推理监视器容量的理论模型。

项目成果

期刊论文数量(0)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

Khoury, Raphaël其他文献

Khoury, Raphaël的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

{{ truncateString('Khoury, Raphaël', 18)}}的其他基金

Ensuring User control of Personal Information Though the Blockchain
通过区块链确保用户控制个人信息
  • 批准号:
    DDG-2020-00033
  • 财政年份:
    2021
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Discovery Development Grant
Ensuring User control of Personal Information Though the Blockchain
通过区块链确保用户控制个人信息
  • 批准号:
    DDG-2020-00033
  • 财政年份:
    2020
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Discovery Development Grant
Runtime Monitoring: From Theory to Usable Security
运行时监控:从理论到可用的安全性
  • 批准号:
    RGPIN-2015-04142
  • 财政年份:
    2018
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Discovery Grants Program - Individual
Runtime Monitoring: From Theory to Usable Security
运行时监控:从理论到可用的安全性
  • 批准号:
    RGPIN-2015-04142
  • 财政年份:
    2017
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Discovery Grants Program - Individual
Runtime Monitoring: From Theory to Usable Security
运行时监控:从理论到可用的安全性
  • 批准号:
    RGPIN-2015-04142
  • 财政年份:
    2016
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Discovery Grants Program - Individual
Runtime Monitoring: From Theory to Usable Security
运行时监控:从理论到可用的安全性
  • 批准号:
    RGPIN-2015-04142
  • 财政年份:
    2015
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Discovery Grants Program - Individual

相似海外基金

New developments of extreme value theory based on monitoring data and its statistical inference
基于监测数据的极值理论及其统计推断的新进展
  • 批准号:
    19K04890
  • 财政年份:
    2019
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Grant-in-Aid for Scientific Research (C)
Regime shifts in coastal marine ecosystems: an empirical approach based on advanced monitoring and nonlinear dynamical theory
沿海海洋生态系统的政权转变:基于先进监测和非线性动力学理论的实证方法
  • 批准号:
    19H05641
  • 财政年份:
    2019
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Grant-in-Aid for Scientific Research (S)
Runtime Monitoring: From Theory to Usable Security
运行时监控:从理论到可用的安全性
  • 批准号:
    RGPIN-2015-04142
  • 财政年份:
    2018
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Discovery Grants Program - Individual
Runtime Monitoring: From Theory to Usable Security
运行时监控:从理论到可用的安全性
  • 批准号:
    RGPIN-2015-04142
  • 财政年份:
    2017
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Discovery Grants Program - Individual
Collaborative Research: A New Inverse Theory for Joint Parameter and Boundary Conditions Estimation to Improve Characterization of Deep Geologic Formations and Leakage Monitoring
合作研究:联合参数和边界条件估计的新逆理论,以改善深层地质构造和泄漏监测的表征
  • 批准号:
    1702078
  • 财政年份:
    2017
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Standard Grant
Collaborative Research: ATD: Theory and Algorithms for Discrete Curvatures on Network Data from Human Mobility and Monitoring
合作研究:ATD:人体移动和监测网络数据离散曲率的理论和算法
  • 批准号:
    1737876
  • 财政年份:
    2017
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Standard Grant
Collaborative Research: ATD: Theory and Algorithms for Discrete Curvatures on Network Data from Human Mobility and Monitoring
合作研究:ATD:人体移动和监测网络数据离散曲率的理论和算法
  • 批准号:
    1737812
  • 财政年份:
    2017
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Standard Grant
Collaborative Research: A New Inverse Theory for Joint Parameter and Boundary Conditions Estimation to Improve Characterization of Deep Geologic Formations and Leakage Monitoring
合作研究:联合参数和边界条件估计的新逆理论,以改善深层地质构造和泄漏监测的表征
  • 批准号:
    1702060
  • 财政年份:
    2017
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Standard Grant
Development of the Theory of Monitoring Tests for Economic Data and Its Applications
经济数据监测检验理论发展及其应用
  • 批准号:
    16K03594
  • 财政年份:
    2016
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Grant-in-Aid for Scientific Research (C)
Runtime Monitoring: From Theory to Usable Security
运行时监控:从理论到可用的安全性
  • 批准号:
    RGPIN-2015-04142
  • 财政年份:
    2016
  • 资助金额:
    $ 1.31万
  • 项目类别:
    Discovery Grants Program - Individual
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了