Self-Protecting Systems (SPS) rely on an autonomic manager to detect and mitigate cyber threats. However, a major challenge in SPS design is ensuring the security of the autonomic manager itself, as its compromise could lead to complete control of the system by an attacker. In this work, we propose a cyber-resilient SPS architecture that leverages permissioned blockchain technology to enhance the trustworthiness of both Intrusion Detection (ID) and Intrusion Response (IR). The proposed architecture is technology-agnostic and adaptable to various ID and IR techniques. We implement a prototype using Quorum and a smart contract and evaluate its performance in terms of overhead and scalability. Experimental results show that the proposed architecture is technically feasible and that it introduces a minimal overhead with respect to non-smart contract-based transactions, and that it can be used on production systems with high event rates despite the inherent scalability issues deriving from the usage of the chosen blockchain technology.
Caiazzi, T., Iannucci, S., Marini, V., Pennino, D., Pizzonia, M., Torlone, R. (2025). A Novel Architecture for Cyber-Resilient Self-Protecting Systems Based on Blockchain. In Proceedings of the 2025 IEEE 49th Annual Computers, Software, and Applications Conference, COMPSAC 2025 (pp.1-8). Institute of Electrical and Electronics Engineers Inc. [10.1109/compsac65507.2025.00010].
A Novel Architecture for Cyber-Resilient Self-Protecting Systems Based on Blockchain
Caiazzi, Tommaso;Iannucci, Stefano;Marini, Valerio;Pennino, Diego;Pizzonia, Maurizio;Torlone, Riccardo
2025-01-01
Abstract
Self-Protecting Systems (SPS) rely on an autonomic manager to detect and mitigate cyber threats. However, a major challenge in SPS design is ensuring the security of the autonomic manager itself, as its compromise could lead to complete control of the system by an attacker. In this work, we propose a cyber-resilient SPS architecture that leverages permissioned blockchain technology to enhance the trustworthiness of both Intrusion Detection (ID) and Intrusion Response (IR). The proposed architecture is technology-agnostic and adaptable to various ID and IR techniques. We implement a prototype using Quorum and a smart contract and evaluate its performance in terms of overhead and scalability. Experimental results show that the proposed architecture is technically feasible and that it introduces a minimal overhead with respect to non-smart contract-based transactions, and that it can be used on production systems with high event rates despite the inherent scalability issues deriving from the usage of the chosen blockchain technology.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
