HAL 9000: Skynet's Risk Manager.
CoRR(2023)
摘要
Intrusion Tolerant Systems (ITSs) are a necessary component for
cyber-services/infrastructures. Additionally, as cyberattacks follow a
multi-domain attack surface, a similar defensive approach should be applied,
namely, the use of an evolving multi-disciplinary solution that combines ITS,
cybersecurity and Artificial Intelligence (AI). With the increased popularity
of AI solutions, due to Big Data use-case scenarios and decision support and
automation scenarios, new opportunities to apply Machine Learning (ML)
algorithms have emerged, namely ITS empowerment. Using ML algorithms, an ITS
can augment its intrusion tolerance capability, by learning from previous
attacks and from known vulnerabilities. As such, this work's contribution is
twofold: (1) an ITS architecture (Skynet) based on the state-of-the-art and
incorporates new components to increase its intrusion tolerance capability and
its adaptability to new adversaries; (2) an improved Risk Manager design that
leverages AI to improve ITSs by automatically assessing OS risks to intrusions,
and advise with safer configurations. One of the reasons that intrusions are
successful is due to bad configurations or slow adaptability to new threats.
This can be caused by the dependency that systems have for human intervention.
One of the characteristics in Skynet and HAL 9000 design is the removal of
human intervention. Being fully automatized lowers the chance of successful
intrusions caused by human error. Our experiments using Skynet, shows that HAL
is able to choose 15% safer configurations than the state-of-the-art risk
manager.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要