Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
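Basic information
- Grant number: RGPIN-2017-06686
- Principal investigator:
- Amount: $18,900
- Host institution:
- Host institution country: Canada
- Program type: Discovery Grants Program - Individual
- Fiscal year: 2022
- Funding country: Canada
- Duration: 2022-01-01 to 2023-12-31
- Project status: Completed
- Source:
- Keywords:
Project abstract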
Today's computing infrastructures play the role of nervous systems in enterprises, governmental or military organizations, and critical infrastructures, such as power grids. However, the scale and severity of security breaches in computing infrastructures have continued to grow at an ever-increasing pace, as evidenced by many high-profile security incidents, such as the recent large-scale DDoS attacks caused by the Mirai botnet and the cyber-physical attack on the Ukrainian power grid in 2015, which left more than 230,000 residents in the dark. The so-called zero day attacks, which exploit previously unknown or unpatched vulnerabilities, are usually behind such security incidents (e.g., Stuxnet employs four different zero day vulnerabilities to target an industrial control system). Therefore, going beyond traditional defense approaches to evaluate and improve the resilience of computing infrastructures against potential zero day attacks is important. Most existing solutions for threat modeling, security metrics, and network hardening are based on known facts about existing vulnerabilities and are not applicable to zero day attacks. In such a context, the proposed research program aims to develop a series of novel techniques for modeling, measuring, and mitigating zero day attacks, and to apply such techniques to mission-critical computing infrastructures, such as data centers, enterprise networks, and critical infrastructures, in order to improve their resilience against zero day attacks. Specifically, the long-term objective of our research program is to develop a series of techniques for understanding (threat modeling), measuring (security metrics), and mitigating (network hardening) the risk of zero day attacks, and to apply such techniques to specific computing infrastructures.
Our initial efforts will be focused on developing two specific security metrics and network hardening methods, and then applying those to two specific computing infrastructures, i.e., cloud and SCADA systems. Specifically, the short-term objectives are as follows.
- Design a new security metric by lifting the attack surface concept from software level to network level, and validate the metric through its correlation with known vulnerabilities.
- Integrate vulnerability discovery models with the k-zero day safety metric to develop a predictive model for estimating the future risk of zero day attacks based on historical data.
- Develop network hardening solutions based on those security metrics, realistic cost models, and optimization techniques to determine the optimal solutions under given cost constraints.
- Apply the metrics and hardening solutions to cloud data centers and SCADA systems by considering the unique characteristics of such infrastructures (e.g., the co-existence of physical and virtual components in cloud and the timeliness measured in milliseconds for SCADA).
Project outcomes
Journal articles (0)
Monographs (0)
Research awards (0)
Conference papers (0)
Patents (0)
Other publications by Wang, Lingyu
The mechanism of Co oxyhydroxide nano-islands deposited on a Pt surface to promote the oxygen reduction reaction at the cathode of fuel cells.
- DOI: 10.1039/d0ra08645b
- Published: 2020-12-17
- Journal:
- Impact factor: 3.9
- Authors: Lu, Jinghao; Yang, Libin; Guo, Wei; Xiao, Songtao; Wang, Lingyu; OuYang, Yinggen; Gao, Peng
- Corresponding author: Gao, Peng
Integrating network pharmacology and experimental studies for uncovering the molecular mechanisms of Dioscorea bulbifera L. in the treatment of thyroid cancer.
- DOI: 10.1016/j.heliyon.2023.e18886
- Published: 2023-08
- Journal:
- Impact factor: 4
- Authors: Liu, Ziqi; Zhong, Lian; Wang, Lingyu; Li, Meiyan; Chen, Chao
- Corresponding author: Chen, Chao
microRNA regulation in an ancient obligate endosymbiosis
- DOI: 10.1111/mec.14464
- Published: 2018-04-01
- Journal:
- Impact factor: 4.9
- Authors: Feng, Honglin; Wang, Lingyu; Wilson, Alex C. C.
- Corresponding author: Wilson, Alex C. C.
A taint based approach for automatic reverse engineering of gray-box file formats
- DOI: 10.1007/s00500-015-1713-6
- Published: 2015-05
- Journal:
- Impact factor: 0
- Authors: Cui, Baojiang; Wang, Fuwei; Hao, Yongle; Wang, Lingyu
- Corresponding author: Wang, Lingyu
Synthesis and Characterization of g-C(3)N(4)/Ag(3)PO(4)/TiO(2)/PVDF Membrane with Remarkable Self-Cleaning Properties for Rhodamine B Removal.
- DOI: 10.3390/ijerph192315551
- Published: 2022-11-23
- Journal:
- Impact factor: 0
- Authors: Liu, Renguo; Li, Xue; Huang, Jinhui; Pang, Haoliang; Wan, Qiongfang; Luo, Kun; Pang, Ya; Wang, Lingyu
- Corresponding author: Wang, Lingyu
Other grants held by Wang, Lingyu
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2021
- Funding amount: $18,900
- Program type: Discovery Grants Program - Individual
NSERC/Ericsson Industrial Research Chair in Software-Defined Networking and Network Functions Virtualization Security: Compliance-Driven Monitoring, Detection, and Mitigation
- Grant number: 544869-2018
- Fiscal year: 2021
- Funding amount: $18,900
- Program type: Industrial Research Chairs
NSERC/Ericsson Industrial Research Chair in Software-Defined Networking and Network Functions Virtualization Security: Compliance-Driven Monitoring, Detection, and Mitigation
- Grant number: 544869-2018
- Fiscal year: 2020
- Funding amount: $18,900
- Program type: Industrial Research Chairs
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2020
- Funding amount: $18,900
- Program type: Discovery Grants Program - Individual
NSERC/Ericsson Industrial Research Chair in Software-Defined Networking and Network Functions Virtualization Security: Compliance-Driven Monitoring, Detection, and Mitigation
- Grant number: 544869-2018
- Fiscal year: 2019
- Funding amount: $18,900
- Program type: Industrial Research Chairs
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2019
- Funding amount: $18,900
- Program type: Discovery Grants Program - Individual
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2018
- Funding amount: $18,900
- Program type: Discovery Grants Program - Individual
Auditing and monitoring the security of NFV and SDN-based cloud environments
- Grant number: 517415-2017
- Fiscal year: 2018
- Funding amount: $18,900
- Program type: Collaborative Research and Development Grants
Auditing and monitoring the security of NFV and SDN-based cloud environments
- Grant number: 517415-2017
- Fiscal year: 2017
- Funding amount: $18,900
- Program type: Collaborative Research and Development Grants
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2017
- Funding amount: $18,900
- Program type: Discovery Grants Program - Individual
Similar overseas grants
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2021
- Funding amount: $18,900
- Program type: Discovery Grants Program - Individual
Digital twin computing for enhancing resilience of disaster medical system
- Grant number: 21H05001
- Fiscal year: 2021
- Funding amount: $18,900
- Program type: Grant-in-Aid for Scientific Research (S)
Exascale Computing for System-Level Engineering: Design, Optimisation and Resilience
- Grant number: EP/V001531/1
- Fiscal year: 2020
- Funding amount: $18,900
- Program type: Research Grant
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2020
- Funding amount: $18,900
- Program type: Discovery Grants Program - Individual
Exascale Computing for System-Level Engineering: Design, Optimisation and Resilience
- Grant number: EP/V001396/1
- Fiscal year: 2020
- Funding amount: $18,900
- Program type: Research Grant
Virtual Organization for Computing Research in Pandemic Preparedness and Resilience
- Grant number: 2041952
- Fiscal year: 2020
- Funding amount: $18,900
- Program type: Standard Grant
CRISP 2.0 Type 1: Collaborative Research: Distributed Edge Computing to Improve Resilience of Interdependent Systems
- Grant number: 1832711
- Fiscal year: 2019
- Funding amount: $18,900
- Program type: Standard Grant
CRISP 2.0 Type 1: Collaborative Research: Distributed Edge Computing to Improve Resilience of Interdependent Systems
- Grant number: 1832688
- Fiscal year: 2019
- Funding amount: $18,900
- Program type: Standard Grant
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2019
- Funding amount: $18,900
- Program type: Discovery Grants Program - Individual
CRISP 2.0 Type 1: Collaborative Research: Distributed Edge Computing to Improve Resilience of Interdependent Systems
- Grant number: 1832683
- Fiscal year: 2019
- Funding amount: $18,900
- Program type: Standard Grant