Increasingly, cyber attacks against enterprises and governments make use of automated tools. For this reason, and given the importance of a timely protection, in the last decade there has been a push in researching methodologies to automate the full defense life-cycle of computer systems. The two core phases of this life-cycle are Intrusion Detection and Intrusion Response. However, while some progress has been done on the former, the latter is still at an early stage. This is due to several factors, among which the lack of a standardized methodology for the validation and comparison of Intrusion Response methodologies. In this paper, we attempt to fill this gap by introducing a methodological framework for the quantitative empirical evaluation of self-protecting systems, based on the metrics of response time and cost. An experimental design is also provided and its applicability is illustrated by the means of a template experiment.
Montemaggio, A., Iannucci, S., Bhowmik, T., Hamilton, J. (2020). Designing a Methodological Framework for the Empirical Evaluation of Self-Protecting Systems. In Proceedings - 2020 IEEE International Conference on Autonomic Computing and Self-Organizing Systems Companion, ACSOS-C 2020 (pp.218-223). 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA : Institute of Electrical and Electronics Engineers Inc. [10.1109/ACSOS-C51401.2020.00059].
Designing a Methodological Framework for the Empirical Evaluation of Self-Protecting Systems
Iannucci S.;
2020-01-01
Abstract
Increasingly, cyber attacks against enterprises and governments make use of automated tools. For this reason, and given the importance of a timely protection, in the last decade there has been a push in researching methodologies to automate the full defense life-cycle of computer systems. The two core phases of this life-cycle are Intrusion Detection and Intrusion Response. However, while some progress has been done on the former, the latter is still at an early stage. This is due to several factors, among which the lack of a standardized methodology for the validation and comparison of Intrusion Response methodologies. In this paper, we attempt to fill this gap by introducing a methodological framework for the quantitative empirical evaluation of self-protecting systems, based on the metrics of response time and cost. An experimental design is also provided and its applicability is illustrated by the means of a template experiment.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.