Communizer: A collaborative cloud-based self-protecting software communities framework - Focus on the alert coordination system

TitreCommunizer: A collaborative cloud-based self-protecting software communities framework - Focus on the alert coordination system
Publication TypeJournal Article
Year of Publication2022
AuthorsIraqi, O, Bakkali, HE
JournalComputers and Security
Volume117
Mots-clésAutonomic Computing, collaboration, Coordination systems, Economic and social effects, Intrusion detection, Mape, MAPE-K, Self protecting, Self-protecting software, Selfishness, Software community, Trust, Trusted computing
Abstract

Popular software has always been appealing to adversaries, as related vulnerabilities are synonymous with millions of exposed businesses. Collaborative intrusion detection, as well as software self-protection, try to alleviate this situation. However, they lack either autonomy and adaptation, or Internet-scale oversight and mitigation. In this work, we present Communizer: a collaborative cloud-based framework that creates communities of self-protecting software across organizations. It allows community members to turn their common weaknesses into collaborative and proactive self-protection, empowering them to detect intrusions, exchange alerts, and anticipate attacks. We start by integrating multiple autonomic MAPE-K loops through cloud-based coordination, and a novel hierarchical, regional coordination pattern (HRCP), optimizing scalability, resiliency, accuracy and privacy. Then, we design a trust-based multi-level alert coordination system (TMACS), as well as a lightweight alert coordination message exchange format (ACMEF). At its core, TMACS aggregates, validates, and shares security alerts among community members while fostering agreement and managing trust. It also addresses insider attacks by detecting and blacklisting rogue members. Moreover, TMACS identifies and neutralizes selfish members through a specifically designed probabilistic model. The analysis, optimization, and evaluation of TMACS show a good trade-off between the precision and recall of untrustworthy and selfish members detection. More importantly, we demonstrate a drastic reduction of monitoring loads on community members while ensuring a high collaborative attack detection and anticipation rate, even for small-scope attacks. © 2022 Elsevier Ltd

URLhttps://www.scopus.com/inward/record.uri?eid=2-s2.0-85127747467&doi=10.1016%2fj.cose.2022.102692&partnerID=40&md5=246bfc07692396ec6709a73d31126fb6
DOI10.1016/j.cose.2022.102692
Revues: 

Partenaires

Localisation

Suivez-nous sur

         

    

Contactez-nous

ENSIAS

Avenue Mohammed Ben Abdallah Regragui, Madinat Al Irfane, BP 713, Agdal Rabat, Maroc

  Télécopie : (+212) 5 37 68 60 78

  Secrétariat de direction : 06 61 48 10 97

        Secrétariat général : 06 61 34 09 27

        Service des affaires financières : 06 61 44 76 79

        Service des affaires estudiantines : 06 62 77 10 17 / n.mhirich@um5s.net.ma

        CEDOC ST2I : 06 66 39 75 16

        Résidences : 06 61 82 89 77

Contacts

    

    Compteur de visiteurs:641,467
    Education - This is a contributing Drupal Theme
    Design by WeebPal.