One of the major trends in research on Self-Protecting Systems is to use a model of the system to be protected to predict its evolution. However, very often, devising the model requires special knowledge of mathematical frameworks, that prevents the adoption of this technique outside of the academic environment. Furthermore, some of the proposed approaches suffer from the curse of dimensionality, as their complexity is exponential in the size of the protected system. In this paper, we introduce a model-integrated approach for the design of Self-Protecting Systems, which automatically generates and solves Markov Decision Processes (MDPs) to obtain optimal defense strategies for systems under attack. MDPs are created in such a way that the size of the state space does not depend on the size of the system, but on the scope of the attack, which allows us to apply it to systems of arbitrary size.
Iannucci, S., Abdelwahed, S., Montemaggio, A., Hannis, M., Leonard, L., King, J.S., et al. (2020). A Model-Integrated Approach to Designing Self-Protecting Systems. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 46(12), 1380-1392 [10.1109/TSE.2018.2880218].
A Model-Integrated Approach to Designing Self-Protecting Systems
Iannucci S.
;
2020-01-01
Abstract
One of the major trends in research on Self-Protecting Systems is to use a model of the system to be protected to predict its evolution. However, very often, devising the model requires special knowledge of mathematical frameworks, that prevents the adoption of this technique outside of the academic environment. Furthermore, some of the proposed approaches suffer from the curse of dimensionality, as their complexity is exponential in the size of the protected system. In this paper, we introduce a model-integrated approach for the design of Self-Protecting Systems, which automatically generates and solves Markov Decision Processes (MDPs) to obtain optimal defense strategies for systems under attack. MDPs are created in such a way that the size of the state space does not depend on the size of the system, but on the scope of the attack, which allows us to apply it to systems of arbitrary size.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.