CyberX: A biologically-inspired platform for cyber trust management

Abstract

Today numerous infrastructure assets remain alarmingly susceptible to advanced, targeted cyber attacks. There is a need to construct trustworthy high-quality protection and defense solutions capable of securing such valuable assets. In our work, we realize such cyber trust through trace-resistant moving-target defense, resilience against failures and attacks, and autonomous trustworthy cooperative defense. Achieving these goals would require software development, management, and operation platforms that support elasticity, diversity, awareness, cooperation, and intelligence. In this paper, we propose CyberX, a situation-aware trustworthy management platform. CyberX utilizes our Cell Oriented Architecture (COA) capability that separates the main design concerns: data, logic and physical resources to employ runtime diversity via hot shuffling of similar-function different-quality-objective code variants. CyberX employs such diversity to modify the application implicit behavior at runtime utilizing autonomous execution elasticity and adaptability. Further, CyberX enhances application resilience against failures and attacks via multi-mode recovery and real-time, context- and situation-aware adjustment of shuffling and recovery policies. Using analysis and simulation, results show that CyberX-managed COA-based software systems can efficiently adapt to maintain the desired performance and resilience objectives even in hazardous, unstable environments at a reasonable overhead.