HAL 9000: Skynet's Risk Manager

Tadeu Freitas, Mário Neto, Inês Dutra, João Soares, Manuel Correia, Rolando Martins
{"title":"HAL 9000: Skynet's Risk Manager","authors":"Tadeu Freitas, Mário Neto, Inês Dutra, João Soares, Manuel Correia, Rolando Martins","doi":"arxiv-2311.09449","DOIUrl":null,"url":null,"abstract":"Intrusion Tolerant Systems (ITSs) are a necessary component for\ncyber-services/infrastructures. Additionally, as cyberattacks follow a\nmulti-domain attack surface, a similar defensive approach should be applied,\nnamely, the use of an evolving multi-disciplinary solution that combines ITS,\ncybersecurity and Artificial Intelligence (AI). With the increased popularity\nof AI solutions, due to Big Data use-case scenarios and decision support and\nautomation scenarios, new opportunities to apply Machine Learning (ML)\nalgorithms have emerged, namely ITS empowerment. Using ML algorithms, an ITS\ncan augment its intrusion tolerance capability, by learning from previous\nattacks and from known vulnerabilities. As such, this work's contribution is\ntwofold: (1) an ITS architecture (Skynet) based on the state-of-the-art and\nincorporates new components to increase its intrusion tolerance capability and\nits adaptability to new adversaries; (2) an improved Risk Manager design that\nleverages AI to improve ITSs by automatically assessing OS risks to intrusions,\nand advise with safer configurations. One of the reasons that intrusions are\nsuccessful is due to bad configurations or slow adaptability to new threats.\nThis can be caused by the dependency that systems have for human intervention.\nOne of the characteristics in Skynet and HAL 9000 design is the removal of\nhuman intervention. Being fully automatized lowers the chance of successful\nintrusions caused by human error. Our experiments using Skynet, shows that HAL\nis able to choose 15% safer configurations than the state-of-the-art risk\nmanager.","PeriodicalId":501333,"journal":{"name":"arXiv - CS - Operating Systems","volume":"1 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Operating Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2311.09449","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Intrusion Tolerant Systems (ITSs) are a necessary component for cyber-services/infrastructures. Additionally, as cyberattacks follow a multi-domain attack surface, a similar defensive approach should be applied, namely, the use of an evolving multi-disciplinary solution that combines ITS, cybersecurity and Artificial Intelligence (AI). With the increased popularity of AI solutions, due to Big Data use-case scenarios and decision support and automation scenarios, new opportunities to apply Machine Learning (ML) algorithms have emerged, namely ITS empowerment. Using ML algorithms, an ITS can augment its intrusion tolerance capability, by learning from previous attacks and from known vulnerabilities. As such, this work's contribution is twofold: (1) an ITS architecture (Skynet) based on the state-of-the-art and incorporates new components to increase its intrusion tolerance capability and its adaptability to new adversaries; (2) an improved Risk Manager design that leverages AI to improve ITSs by automatically assessing OS risks to intrusions, and advise with safer configurations. One of the reasons that intrusions are successful is due to bad configurations or slow adaptability to new threats. This can be caused by the dependency that systems have for human intervention. One of the characteristics in Skynet and HAL 9000 design is the removal of human intervention. Being fully automatized lowers the chance of successful intrusions caused by human error. Our experiments using Skynet, shows that HAL is able to choose 15% safer configurations than the state-of-the-art risk manager.
HAL 9000:天网的风险经理
入侵容忍系统(ITSs)是网络服务/基础设施的必要组成部分。此外,由于网络攻击遵循多域攻击面,因此应采用类似的防御方法,即使用结合ITS,网络安全和人工智能(AI)的不断发展的多学科解决方案。随着人工智能解决方案的日益普及,由于大数据用例场景和决策支持和自动化场景,出现了应用机器学习(ML)算法的新机会,即ITS授权。使用ML算法,通过从以前的攻击和已知的漏洞中学习,ITScan增强了其入侵容忍能力。因此,这项工作的贡献是多方面的:(1)基于最先进的智能交通系统架构(天网),并纳入了新的组件,以提高其入侵容忍能力和对新对手的适应性;(2)改进的风险管理器设计,利用人工智能通过自动评估操作系统对入侵的风险来改进ITSs,并建议更安全的配置。入侵成功的原因之一是由于错误的配置或对新威胁的缓慢适应。这可能是由于系统对人为干预的依赖性造成的。天网和HAL 9000的设计特点之一是消除了人为干预。完全自动化降低了人为错误导致入侵成功的机会。我们使用Skynet进行的实验表明,HALis能够选择比最先进的风险管理器安全15%的配置。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信