Grants and contributions:

Title:
Improving the Resilience of Computing Infrastructures against Zero Day Attacks through Quantitative Threat Modeling and Network Hardening
Agreement number:
RGPIN
Agreement value:
130 000,00 $
Agreement date:
May 10, 2017 -
Organization:
Conseil de recherches en sciences naturelles et en génie du Canada
Location:
Québec, Other, CA
Reference number:
GC-2017-Q1-03432
Agreement type:
grant
Report type:
Grants and contributions
Additional information:

Grant or award applying to more than one fiscal year. (2017-2018 to 2022-2023)

Recipient legal name:
Wang, Lingyu (Université Concordia)
Program:
Programme de subventions à la découverte - individuelles
Program purpose:
Today's computing infrastructures play the role of nervous systems in enterprises, governmental and military organizations, and critical infrastructures such as power grids. However, the scale and severity of security breaches in computing infrastructures have continued to grow at an ever-increasing pace, as evidenced by many high-profile security incidents, such as the recent large-scale DDoS attacks caused by the Mirai botnet and the cyber-physical attack on the Ukrainian power grid in 2015, which left more than 230,000 residents in the dark. So-called zero-day attacks, which exploit previously unknown or unpatched vulnerabilities, are usually behind such security incidents (e.g., Stuxnet employed four different zero-day vulnerabilities to target an industrial control system). Therefore, going beyond traditional defense approaches to evaluate and improve the resilience of computing infrastructures against potential zero-day attacks is important. Most existing solutions for threat modeling, security metrics, and network hardening are based on known facts about existing vulnerabilities and are not applicable to zero-day attacks. In this context, the proposed research program aims to develop a series of novel techniques for modeling, measuring, and mitigating zero-day attacks, and to apply those techniques to mission-critical computing infrastructures, such as data centers, enterprise networks, and critical infrastructures, in order to improve their resilience against zero-day attacks.

Specifically, the long-term objective of our research program is to develop a series of techniques for understanding (threat modeling), measuring (security metrics), and mitigating (network hardening) the risk of zero-day attacks, and to apply those techniques to specific computing infrastructures. Our initial efforts will focus on developing two specific security metrics and corresponding network hardening methods, and then on applying them to two specific computing infrastructures, i.e., cloud and SCADA systems. The short-term objectives are as follows.

1. Design a new security metric by lifting the attack surface concept from the software level to the network level, and validate the metric through its correlation with known vulnerabilities.
2. Integrate vulnerability discovery models with the k-zero day safety metric to develop a predictive model for estimating the future risk of zero-day attacks from historical data.
3. Develop network hardening solutions based on those security metrics, realistic cost models, and optimization techniques to determine the optimal solutions under given cost constraints.
4. Apply the metrics and hardening solutions to cloud data centers and SCADA systems, taking into account the unique characteristics of such infrastructures (e.g., the co-existence of physical and virtual components in the cloud, and the timeliness requirements measured in milliseconds in SCADA).
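To make the k-zero day safety metric and the cost-constrained hardening objective above concrete, the following is an added illustration written for this page; it is not code from the grant holder or from any published implementation of the metric. It uses a deliberately simplified model (the published metric also handles privileges, firewall rules and asset weighting): every service is assumed to hide one unknown vulnerability, and exploiting the same service type on several hosts reuses the same zero-day, so k counts distinct service types on the cheapest attack path. The hosts, edges, hardening options and their costs are all constructed sample values.

```python
import heapq
from itertools import combinations, count

# Constructed sample topology (hypothetical hosts and services, not from the grant).
# Edge (src, service, dst): an attacker who controls src can exploit `service`
# on dst and thereby gain control of dst.
EDGES = [
    ("attacker", "http", "web"),
    ("web",      "ssh",  "app"),
    ("web",      "http", "app"),      # same service type as on web: same zero-day, counted once
    ("app",      "sql",  "database"),
    ("attacker", "vpn",  "app"),      # remote-access shortcut around the web tier
]

# Hardening candidates (constructed): edges that could be removed by a firewall
# rule or by disabling an exposure, with an assumed cost for each action.
HARDENING_OPTIONS = {
    ("web", "http", "app"): 1,
    ("web", "ssh", "app"): 1,
    ("attacker", "vpn", "app"): 1,
}


def k_zero_day(edges, source, target):
    """Minimum number of distinct zero-day vulnerabilities an attacker who
    controls `source` must exploit to control `target`.
    Returns (k, services) or (None, None) when target is unreachable."""
    adjacency = {}
    for src, svc, dst in edges:
        adjacency.setdefault(src, []).append((svc, dst))
    tie = count()  # keeps heap entries comparable when costs are equal
    # Best-first search over (host, set of zero-days used); cost = size of the set.
    heap = [(0, next(tie), source, frozenset())]
    seen = set()
    while heap:
        cost, _, host, used = heapq.heappop(heap)
        if host == target:
            return cost, set(used)
        if (host, used) in seen:
            continue
        seen.add((host, used))
        for svc, dst in adjacency.get(host, []):
            new_used = used | {svc}
            heapq.heappush(heap, (len(new_used), next(tie), dst, new_used))
    return None, None


def best_hardening(edges, options, budget, source, target):
    """Exhaustively pick the subset of hardening options within `budget` that
    maximises k (an unreachable target counts as infinite k); ties favour lower cost."""
    best_k, best_cost, best_choice = -1, None, set()
    candidates = list(options)
    for r in range(len(candidates) + 1):
        for choice in combinations(candidates, r):
            cost = sum(options[c] for c in choice)
            if cost > budget:
                continue
            remaining = [e for e in edges if e not in choice]
            k, _ = k_zero_day(remaining, source, target)
            k = float("inf") if k is None else k
            if k > best_k or (k == best_k and cost < best_cost):
                best_k, best_cost, best_choice = k, cost, set(choice)
    return best_k, best_choice


if __name__ == "__main__":
    k, services = k_zero_day(EDGES, "attacker", "database")
    print(f"k0d(database) = {k} via zero-days in {sorted(services)}")
    k_after, choice = best_hardening(EDGES, HARDENING_OPTIONS, 2, "attacker", "database")
    print(f"best hardening within budget 2: remove {sorted(choice)} -> k0d = {k_after}")
```

On the sample topology the database is reachable with two distinct zero-days (either http reused on web and app plus sql, or vpn plus sql). Removing any single edge within the budget leaves k unchanged, because an alternative two-zero-day path remains; only cutting both the VPN shortcut and the reused http exposure on the app tier raises k to three. That is the point the hardening objective makes: the metric, not intuition, decides which combination of changes is worth the cost.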