FUZZBUSTER: A System for Self-Adaptive Immunity from Cyber Threats
نویسندگان
چکیده
Today’s computer systems are under relentless attack from cyber attackers armed with sophisticated vulnerability search and exploit development toolkits. To protect against such threats, we are developing FUZZBUSTER, an automated system that provides adaptive immunity against a wide variety of cyber threats. FUZZBUSTER reacts to observed attacks and proactively searches for never-before-seen vulnerabilities. FUZZBUSTER uses a suite of fuzz testing and vulnerability assessment tools to find or verify the existence of vulnerabilities. Then FUZZBUSTER conducts additional tests to characterize the extent of the vulnerability, identifying ways it can be triggered. After characterizing a vulnerability, FUZZBUSTER synthesizes and applies an adaptation to prevent future exploits. Keywords-self-adaptive immunity, cyber-security, fuzz-testing.
منابع مشابه
Automated Fault Analysis and Filter Generation for Adaptive Cybersecurity
We are developing the FUZZBUSTER system to automatically identify software vulnerabilities and create adaptations that shield or repair those vulnerabilities before attackers can exploit them. Adaptive cybersecurity involves efficiently improving software security to minimize the window of attack, and also preserving software functionality as much as possible. This paper presents new tools that...
متن کاملCyber Threats Foresight Against Iran Based on Attack Vector
Cyber threats have been extraordinary increased in recent years. Cyber attackers, including government agencies or hackers, have made significant advances in the use of various tools for attacking target systems in some countries particularly on Islamic republic of Iran. The complexity of cyber threats and the devastating effects of them on critical systems highlights necessity of cyber thr...
متن کاملCyberspace Security Using Adversarial Learning and Conformal Prediction
This paper advances new directions for cyber security using adversarial learning and conformal prediction in order to enhance network and computing services defenses against adaptive, malicious, persistent, and tactical offensive threats. Conformal prediction is the principled and unified adaptive and learning framework used to design, develop, and deploy a multi-faceted self-managing defensive...
متن کاملAdaptive Risk Management System (arms) for Critical Infrastructure Protection
The purpose of this work is to develop an adaptive risk management framework capable to prevent, identify and respond in critical time to threats. Our focus is on protecting critical infrastructure (e.g. public utilities) which vitally depends on network and information security. As solution we propose a holonic Cybersecurity system that unfolds into an emergency response management infrastruct...
متن کاملAn Authorization Framework for Database Systems
Today, data plays an essential role in all levels of human life, from personal cell phones to medical, educational, military and government agencies. In such circumstances, the rate of cyber-attacks is also increasing. According to official reports, data breaches exposed 4.1 billion records in the first half of 2019. An information system consists of several components, which one of the most im...
متن کامل