Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
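Basic information
- Grant number: RGPIN-2017-06686
- Principal investigator:
- Amount: $18,900
- Host institution:
- Host institution country: Canada
- Project category: Discovery Grants Program - Individual
- Fiscal year: 2022
- Funding country: Canada
- Start and end dates: 2022-01-01 to 2023-12-31
- Project status: Completed
- Source:
- Keywords:
Project abstract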
Today's computing infrastructures play the role of nervous systems in enterprises, governmental or military organizations, and critical infrastructures such as power grids. However, the scale and severity of security breaches in computing infrastructures have continued to grow at an ever-increasing pace, as evidenced by many high-profile security incidents, such as the recent large-scale DDoS attacks caused by the Mirai botnet and the 2015 cyber-physical attack on the Ukrainian power grid, which left more than 230,000 residents in the dark. So-called zero day attacks, which exploit previously unknown or unpatched vulnerabilities, are usually behind such security incidents (e.g., Stuxnet employs four different zero day vulnerabilities to target an industrial control system). Therefore, it is important to go beyond traditional defense approaches to evaluate and improve the resilience of computing infrastructures against potential zero day attacks. Most existing solutions for threat modeling, security metrics, and network hardening are based on known facts about existing vulnerabilities and are not applicable to zero day attacks. In this context, the proposed research program aims to develop a series of novel techniques for modeling, measuring, and mitigating zero day attacks, and to apply such techniques to mission-critical computing infrastructures, such as data centers, enterprise networks, and critical infrastructures, in order to improve their resilience against zero day attacks. Specifically, the long-term objective of our research program is to develop a series of techniques for understanding (threat modeling), measuring (security metrics), and mitigating (network hardening) the risk of zero day attacks, and to apply such techniques to specific computing infrastructures.
Our initial efforts will focus on developing two specific security metrics and network hardening methods, and then applying them to two specific computing infrastructures, i.e., cloud and SCADA systems. Specifically, the short-term objectives are as follows.
- Design a new security metric by lifting the attack surface concept from software level to network level, and validate the metric through its correlation with known vulnerabilities.
- Integrate vulnerability discovery models with the k-zero day safety metric to develop a predictive model for estimating the future risk of zero day attacks based on historical data.
- Develop network hardening solutions based on those security metrics, realistic cost models, and optimization techniques to determine the optimal solutions under given cost constraints.
- Apply the metrics and hardening solutions to cloud data centers and SCADA systems by considering the unique characteristics of such infrastructures (e.g., the co-existence of physical and virtual components in cloud and the timeliness measured in milliseconds for SCADA).
Project outcomes
- Journal articles (0)
- Monographs (0)
- Research awards (0)
- Conference papers (0)
- Patents (0)
Other publications by Wang, Lingyu
The mechanism of Co oxyhydroxide nano-islands deposited on a Pt surface to promote the oxygen reduction reaction at the cathode of fuel cells.
- DOI: 10.1039/d0ra08645b
- Published: 2020-12-17
- Journal:
- Impact factor: 3.9
- Authors: Lu, Jinghao; Yang, Libin; Guo, Wei; Xiao, Songtao; Wang, Lingyu; OuYang, Yinggen; Gao, Peng
- Corresponding author: Gao, Peng
Integrating network pharmacology and experimental studies for uncovering the molecular mechanisms of Dioscorea bulbifera L. in the treatment of thyroid cancer.
- DOI: 10.1016/j.heliyon.2023.e18886
- Published: 2023-08
- Journal:
- Impact factor: 4
- Authors: Liu, Ziqi; Zhong, Lian; Wang, Lingyu; Li, Meiyan; Chen, Chao
- Corresponding author: Chen, Chao
microRNA regulation in an ancient obligate endosymbiosis
- DOI: 10.1111/mec.14464
- Published: 2018-04-01
- Journal:
- Impact factor: 4.9
- Authors: Feng, Honglin; Wang, Lingyu; Wilson, Alex C. C.
- Corresponding author: Wilson, Alex C. C.
A taint based approach for automatic reverse engineering of gray-box file formats
- DOI: 10.1007/s00500-015-1713-6
- Published: 2015-05
- Journal:
- Impact factor: 0
- Authors: Cui, Baojiang; Wang, Fuwei; Hao, Yongle; Wang, Lingyu
- Corresponding author: Wang, Lingyu
Synthesis and Characterization of g-C(3)N(4)/Ag(3)PO(4)/TiO(2)/PVDF Membrane with Remarkable Self-Cleaning Properties for Rhodamine B Removal.
- DOI: 10.3390/ijerph192315551
- Published: 2022-11-23
- Journal:
- Impact factor: 0
- Authors: Liu, Renguo; Li, Xue; Huang, Jinhui; Pang, Haoliang; Wan, Qiongfang; Luo, Kun; Pang, Ya; Wang, Lingyu
- Corresponding author: Wang, Lingyu
Other grants held by Wang, Lingyu
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2021
- Amount: $18,900
- Project category: Discovery Grants Program - Individual
NSERC/Ericsson Industrial Research Chair in Software-Defined Networking and Network Functions Virtualization Security: Compliance-Driven Monitoring, Detection, and Mitigation
- Grant number: 544869-2018
- Fiscal year: 2021
- Amount: $18,900
- Project category: Industrial Research Chairs
NSERC/Ericsson Industrial Research Chair in Software-Defined Networking and Network Functions Virtualization Security: Compliance-Driven Monitoring, Detection, and Mitigation
- Grant number: 544869-2018
- Fiscal year: 2020
- Amount: $18,900
- Project category: Industrial Research Chairs
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2020
- Amount: $18,900
- Project category: Discovery Grants Program - Individual
NSERC/Ericsson Industrial Research Chair in Software-Defined Networking and Network Functions Virtualization Security: Compliance-Driven Monitoring, Detection, and Mitigation
- Grant number: 544869-2018
- Fiscal year: 2019
- Amount: $18,900
- Project category: Industrial Research Chairs
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2019
- Amount: $18,900
- Project category: Discovery Grants Program - Individual
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2018
- Amount: $18,900
- Project category: Discovery Grants Program - Individual
Auditing and monitoring the security of NFV and SDN-based cloud environments
- Grant number: 517415-2017
- Fiscal year: 2018
- Amount: $18,900
- Project category: Collaborative Research and Development Grants
Auditing and monitoring the security of NFV and SDN-based cloud environments
- Grant number: 517415-2017
- Fiscal year: 2017
- Amount: $18,900
- Project category: Collaborative Research and Development Grants
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2017
- Amount: $18,900
- Project category: Discovery Grants Program - Individual
Similar overseas grants
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2021
- Amount: $18,900
- Project category: Discovery Grants Program - Individual
Digital twin computing for enhancing resilience of disaster medical system
- Grant number: 21H05001
- Fiscal year: 2021
- Amount: $18,900
- Project category: Grant-in-Aid for Scientific Research (S)
Exascale Computing for System-Level Engineering: Design, Optimisation and Resilience
- Grant number: EP/V001531/1
- Fiscal year: 2020
- Amount: $18,900
- Project category: Research Grant
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2020
- Amount: $18,900
- Project category: Discovery Grants Program - Individual
Exascale Computing for System-Level Engineering: Design, Optimisation and Resilience
- Grant number: EP/V001396/1
- Fiscal year: 2020
- Amount: $18,900
- Project category: Research Grant
Virtual Organization for Computing Research in Pandemic Preparedness and Resilience
- Grant number: 2041952
- Fiscal year: 2020
- Amount: $18,900
- Project category: Standard Grant
CRISP 2.0 Type 1: Collaborative Research: Distributed Edge Computing to Improve Resilience of Interdependent Systems
- Grant number: 1832711
- Fiscal year: 2019
- Amount: $18,900
- Project category: Standard Grant
CRISP 2.0 Type 1: Collaborative Research: Distributed Edge Computing to Improve Resilience of Interdependent Systems
- Grant number: 1832688
- Fiscal year: 2019
- Amount: $18,900
- Project category: Standard Grant
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
- Grant number: RGPIN-2017-06686
- Fiscal year: 2019
- Amount: $18,900
- Project category: Discovery Grants Program - Individual
CRISP 2.0 Type 1: Collaborative Research: Distributed Edge Computing to Improve Resilience of Interdependent Systems
- Grant number: 1832683
- Fiscal year: 2019
- Amount: $18,900
- Project category: Standard Grant