7th IEEE International Workshop on Trusted Collaboration

Research Article

CyberX:A Biologically-inspired Platform for Cyber Trust Management

Download750 downloads
  • @INPROCEEDINGS{10.4108/icst.collaboratecom.2012.250512,
        author={Mohamed Azab and Mohamed Eltoweissy},
        title={CyberX:A Biologically-inspired Platform for Cyber Trust Management},
        proceedings={7th IEEE International Workshop on Trusted Collaboration},
        publisher={IEEE},
        proceedings_a={TRUSTCOL},
        year={2012},
        month={12},
        keywords={software management platform system diversity moving target defense biologically-inspired software architecture resilience hot shuffling},
        doi={10.4108/icst.collaboratecom.2012.250512}
    }
    
  • Mohamed Azab
    Mohamed Eltoweissy
    Year: 2012
    CyberX:A Biologically-inspired Platform for Cyber Trust Management
    TRUSTCOL
    ICST
    DOI: 10.4108/icst.collaboratecom.2012.250512
Mohamed Azab1,*, Mohamed Eltoweissy2
  • 1: The Bradley Department of Electrical and Computer Engineering, Virginia Tech
  • 2: Egypt-Japan University of Science and Technology
*Contact email: mazab@vt.edu

Abstract

Today numerous infrastructure assets remain alarmingly susceptible to advanced, targeted cyber attacks. There is a need to construct trustworthy high-quality protection and defense solutions capable of securing such valuable assets. In our work, we realize such cyber trust through trace-resistant moving-target defense, resilience against failures and attacks, and autonomous trustworthy cooperative defense. Achieving these goals would require software development, management, and operation platforms that support elasticity, diversity, awareness, cooperation, and intelligence. In this paper, we propose CyberX, a situation-aware trustworthy management platform. CyberX utilizes our Cell Oriented Architecture (COA) capability that separates the main design concerns: data, logic and physical resources to employ runtime diversity via hot shuffling of similar-function different-quality-objective code variants. CyberX employs such diversity to modify the application implicit behavior at runtime utilizing autonomous execution elasticity and adaptability. Further, CyberX enhances application resilience against failures and attacks via multi-mode recovery and real-time, context- and situation-aware adjustment of shuffling and recovery policies. Using analysis and simulation, results show that CyberX-managed COA-based software systems can efficiently adapt to maintain the desired performance and resilience objectives even in hazardous, unstable environments at a reasonable overhead.